www.wrtv.com Open in urlscan Pro
18.66.112.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wrtv.com/
Effective URL:
https://www.wrtv.com/
Submission Tags: tranco_l324
Submission: On November 05 via api (November 5th 2021, 3:10:50 am UTC) from DE — Scanned from DE

Summary HTTP 367 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 92 IPs in 9 countries across 85 domains to perform 367 HTTP transactions. The main IP is 18.66.112.109, located in United States and belongs to AMAZON-02, US. The main domain is www.wrtv.com.
TLS certificate: Issued by Amazon on February 5th 2021. Valid for: a year.

This is the only time www.wrtv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	52.222.214.97 52.222.214.97	16509 (AMAZON-02) (AMAZON-02)
6	18.66.112.109 18.66.112.109	16509 (AMAZON-02) (AMAZON-02)
19	18.66.112.23 18.66.112.23	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.122.56 18.66.122.56	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
11	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
5	52.222.210.175 52.222.210.175	16509 (AMAZON-02) (AMAZON-02)
2	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2 9	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	13.32.121.32 13.32.121.32	16509 (AMAZON-02) (AMAZON-02)
1 3	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
3 6	91.228.74.134 91.228.74.134	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	209.197.3.16 209.197.3.16	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	35.227.203.93 35.227.203.93	15169 (GOOGLE) (GOOGLE)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
1	3.10.67.38 3.10.67.38	16509 (AMAZON-02) (AMAZON-02)
1	34.96.74.203 34.96.74.203	15169 (GOOGLE) (GOOGLE)
1	2600:9000:236... 2600:9000:236e:d400:10:618e:d880:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	142.250.102.156 142.250.102.156	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:224a:5c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 14	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
2	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
3	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
2 15	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4 11	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
5	54.77.19.59 54.77.19.59	16509 (AMAZON-02) (AMAZON-02)
2	18.184.229.226 18.184.229.226	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
25	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:402... 2a00:1450:4025:402::84	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:402... 2a00:1450:4025:402::9b	15169 (GOOGLE) (GOOGLE)
4	18.159.21.129 18.159.21.129	16509 (AMAZON-02) (AMAZON-02)
1 2	52.51.10.244 52.51.10.244	16509 (AMAZON-02) (AMAZON-02)
15 36	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4 6	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
30	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.233.67 2.18.233.67	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	3.127.92.82 3.127.92.82	16509 (AMAZON-02) (AMAZON-02)
7 7	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
2 6	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2600:9000:223... 2600:9000:223f:b000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
7 7	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
3	2600:9000:223... 2600:9000:223f:f800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	148.251.84.39 148.251.84.39	24940 (HETZNER-AS) (HETZNER-AS)
1	88.198.52.202 88.198.52.202	24940 (HETZNER-AS) (HETZNER-AS)
6	178.63.107.139 178.63.107.139	24940 (HETZNER-AS) (HETZNER-AS)
5	52.44.124.140 52.44.124.140	14618 (AMAZON-AES) (AMAZON-AES)
3 3	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
4 5	2a05:d018:d29... 2a05:d018:d29:3605:92f1:d82:bf31:b250	16509 (AMAZON-02) (AMAZON-02)
2 3	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 10	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	134.209.129.254 134.209.129.254	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
4 14	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
4	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
2 2	54.76.172.32 54.76.172.32	16509 (AMAZON-02) (AMAZON-02)
5 6	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	() ()
3 5	18.157.198.157 18.157.198.157	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
2 2	64.74.236.63 64.74.236.63	() ()
3 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	2.18.233.180 2.18.233.180	() ()
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	54.93.133.131 54.93.133.131	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	() ()
4 4	63.251.14.14 63.251.14.14	() ()
2	178.162.133.149 178.162.133.149	() ()
2	104.18.102.194 104.18.102.194	() ()
1 3	185.33.223.38 185.33.223.38	() ()
1	69.173.151.100 69.173.151.100	() ()
2 2	213.155.156.184 213.155.156.184	() ()
17	185.64.190.80 185.64.190.80	() ()
1	178.250.2.151 178.250.2.151	() ()
1 1	85.114.159.118 85.114.159.118	() ()
3 3	52.215.67.80 52.215.67.80	() ()
1	185.86.137.133 185.86.137.133	() ()
1 1	162.55.6.212 162.55.6.212	() ()
1	2606:4700:20:... 2606:4700:20::681a:ad1	() ()
1	72.251.241.206 72.251.241.206	() ()
1	38.91.45.7 38.91.45.7	() ()
1 1	2a04:4e42:600... 2a04:4e42:600::300	() ()
1	151.101.65.44 151.101.65.44	() ()
1 2	2606:4700::68... 2606:4700::6812:c05	() ()
2	198.47.127.20 198.47.127.20	() ()
3 3	146.59.148.16 146.59.148.16	() ()
2 2	34.249.68.36 34.249.68.36	() ()
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	() ()
1	169.50.137.182 169.50.137.182	() ()
2 2	18.198.220.83 18.198.220.83	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	() ()
1 1	178.62.202.251 178.62.202.251	() ()
1 1	34.98.107.212 34.98.107.212	() ()
367	92

2 52.222.214.97 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-97.fra56.r.cloudfront.net

wrtv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.112.109 (United States)

ASN16509 (AMAZON-02, US)

www.wrtv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 18.66.112.23 (United States)

ASN16509 (AMAZON-02, US)

ewscripps.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.56 (United States)

ASN16509 (AMAZON-02, US)

assets.scrippsdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

sejs.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.210.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.37.42.132 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

4394967.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-32.fra60.r.cloudfront.net

api.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 91.228.74.134 (United Kingdom) 3 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.16 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x010.map2.ssl.hwcdn.net

cdn5.userzoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com

pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.10.67.38 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-67-38.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.74.203 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 203.74.96.34.bc.googleusercontent.com

api.pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:d400:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.102.156 (United States)

ASN15169 (GOOGLE, US)
PTR: rb-in-f156.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:5c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

ewscripps-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 134.209.131.220 (North Bergen, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.33.221.89 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.77.19.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.229.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-229-226.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4025:402::84 (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4025:402::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.159.21.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-21-129.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.10.244 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-10-244.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 142.250.184.194 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-67.deploy.static.akamaitechnologies.com

s79.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.92.82 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-92-82.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.29.134.248 (United Kingdom) 7 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:b000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 213.19.147.44 (United Kingdom) 7 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:f800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.84.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h550.meetrics.de

stat.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.52.202 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h530.meetrics.de

s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.63.107.139 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h294.meetrics.de

b100.s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.44.124.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-124-140.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a05:d018:d29:3605:92f1:d82:bf31:b250 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.223.40.198 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 134.209.129.254 (North Bergen, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.248.245.213 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.172.32 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-172-32.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.237 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.157.198.157 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-198-157.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.176.128 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.63 (None, ) 2 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.180 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.93.133.131 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-133-131.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (None, ) 3 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.251.14.14 (None, ) 4 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (None, )

ASN- ()

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.102.194 (None, )

ASN- ()

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.38 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (None, )

ASN- ()

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.64.190.80 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.215.67.80 (None, ) 3 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (None, )

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.212 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad1 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.206 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (None, )

ASN- ()

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (None, ) 1 redirects

ASN- ()

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (None, )

ASN- ()

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.59.148.16 (None, ) 3 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.68.36 (None, ) 2 redirects

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (None, ) 1 redirects

ASN- ()

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.220.83 (None, ) 2 redirects

ASN- ()

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (None, )

ASN- ()

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.202.251 (None, ) 1 redirects

ASN- ()

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (None, ) 1 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	doubleclick.net 16 redirects 4394967.fls.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net ad.doubleclick.net	247 KB
35	googlesyndication.com pagead2.googlesyndication.com d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com tpc.googlesyndication.com	218 KB
30	2mdn.net s0.2mdn.net	494 KB
25	pubmatic.com 2 redirects image6.pubmatic.com ads.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com	36 KB
25	rubiconproject.com 7 redirects ads.rubiconproject.com fastlane.rubiconproject.com prebid-a.rubiconproject.com pixel.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com secure-assets.rubiconproject.com pixel-us-east.rubiconproject.com	148 KB
19	brightspotcdn.com ewscripps.brightspotcdn.com	4 MB
18	adnxs.com 5 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	60 KB
17	serverbid.com 4 redirects e.serverbid.com sync.serverbid.com	2 KB
16	3lift.com 4 redirects tlx.3lift.com eb2.3lift.com	7 KB
16	openx.net 3 redirects ewscripps-d.openx.net us-u.openx.net eu-u.openx.net rtb.openx.net	4 KB
12	moatads.com sejs.moatads.com mb.moatads.com px.moatads.com z.moatads.com	183 KB
11	yahoo.com 7 redirects c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	6 KB
10	adsrvr.org 4 redirects match.adsrvr.org	3 KB
10	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	96 KB
9	amazon-adsystem.com 2 redirects c.amazon-adsystem.com s.amazon-adsystem.com	42 KB
8	wrtv.com 2 redirects wrtv.com www.wrtv.com	407 KB
7	de.com s79.research.de.com b100.s79.research.de.com	2 KB
7	mathtag.com 7 redirects sync.mathtag.com	4 KB
6	adform.net 5 redirects c1.adform.net	3 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com ssum-sec.casalemedia.com	6 KB
6	quantserve.com 3 redirects secure.quantserve.com pixel.quantserve.com cms.quantserve.com	12 KB
5	bidswitch.net 3 redirects x.bidswitch.net	2 KB
5	googletagservices.com www.googletagservices.com	132 KB
5	gumgum.com g2.gumgum.com rtb.gumgum.com	4 KB
5	google.com adservice.google.com www.google.com	2 KB
5	typekit.net use.typekit.net p.typekit.net	52 KB
4	lijit.com 4 redirects ap.lijit.com	2 KB
4	advertising.com 4 redirects pixel.advertising.com	1 KB
4	1rx.io 4 redirects sync.1rx.io	2 KB
4	33across.com ssc.33across.com ssc-cms.33across.com	603 B
4	google-analytics.com www.google-analytics.com	21 KB
4	facebook.net connect.facebook.net	191 KB
3	onaudience.com 3 redirects pixel.onaudience.com	1 KB
3	bidr.io 3 redirects match.prod.bidr.io	2 KB
3	turn.com 3 redirects ad.turn.com	1 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net	854 B
3	unrulymedia.com 3 redirects sync.targeting.unrulymedia.com	2 KB
3	facebook.com www.facebook.com	659 B
3	dotomi.com web.hb.ad.cpe.dotomi.com pubmatic-match.dotomi.com	982 B
3	google.de adservice.google.de	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	ewscloud.com api.ewscloud.com static.ewscloud.com	7 KB
3	fontawesome.com use.fontawesome.com	132 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	897 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	568 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	655 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	adsymptotic.com p.adsymptotic.com
2	sonobi.com sync.go.sonobi.com	952 B
2	zemanta.com 2 redirects b1sync.zemanta.com	602 B
2	bing.com c.bing.com	852 B
2	linkedin.com px.ads.linkedin.com	883 B
2	360yield.com 2 redirects ad.360yield.com	618 B
2	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com	10 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	teads.tv sync.teads.tv	344 B
2	pymx5.com pymx5.com api.pymx5.com	10 KB
2	sitescout.com 1 redirects pixel.sitescout.com pixel-sync.sitescout.com	528 B
2	userzoom.com cdn5.userzoom.com	13 KB
2	parsely.com cdn.parsely.com p1.parsely.com	24 KB
2	media.net hbx.media.net hblg.media.net	97 KB
2	scrippsdigital.com assets.scrippsdigital.com	4 KB
2	cookielaw.org cdn.cookielaw.org	7 KB
1	playground.xyz 1 redirects ads.playground.xyz	488 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	simpli.fi um.simpli.fi	618 B
1	deepintent.com match.deepintent.com	44 B
1	adgrx.com cm.adgrx.com	408 B
1	ad4m.at ad4m.at	915 B
1	loopme.me 1 redirects csync.loopme.me	216 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	criteo.com dis.criteo.com	334 B
1	rlcdn.com id.rlcdn.com
1	meetrics.net stat.meetrics.net	351 B
1	smaato.net 1 redirects s.ad.smaato.net	440 B
1	blismedia.com tr.blismedia.com	141 B
1	mxcdn.net s79.mxcdn.net	57 KB
1	quantcount.com rules.quantcount.com	1 KB
1	googletagmanager.com www.googletagmanager.com	49 KB
0	erne.co Failed green.erne.co Failed
0	id5-sync.com Failed id5-sync.com Failed
0	collective-media.net Failed b.collective-media.net Failed
367	85

	Domain	Requested by
36	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com eu-u.openx.net eb2.3lift.com
30	s0.2mdn.net	www.wrtv.com s0.2mdn.net d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
19	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net www.googletagservices.com
19	ewscripps.brightspotcdn.com	www.wrtv.com
15	e.serverbid.com	2 redirects ads.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com ads.pubmatic.com
14	eb2.3lift.com	4 redirects ads.rubiconproject.com eb2.3lift.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com googleads.g.doubleclick.net
11	simage2.pubmatic.com	ads.pubmatic.com
11	ib.adnxs.com	4 redirects ads.rubiconproject.com googleads.g.doubleclick.net acdn.adnxs.com
10	match.adsrvr.org	4 redirects ads.rubiconproject.com eu-u.openx.net eb2.3lift.com
9	px.moatads.com
7	sync.mathtag.com	7 redirects
7	securepubads.g.doubleclick.net	www.wrtv.com securepubads.g.doubleclick.net www.googletagservices.com
6	image2.pubmatic.com	ads.pubmatic.com
6	c1.adform.net	5 redirects ads.pubmatic.com
6	eus.rubiconproject.com	ads.rubiconproject.com eus.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
6	eu-u.openx.net	ads.rubiconproject.com eu-u.openx.net
6	b100.s79.research.de.com	d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
6	pixel.rubiconproject.com	2 redirects
6	us-u.openx.net	1 redirects googleads.g.doubleclick.net eu-u.openx.net
6	www.wrtv.com	www.wrtv.com ewscripps.brightspotcdn.com
5	x.bidswitch.net	3 redirects eb2.3lift.com
5	pr-bh.ybp.yahoo.com	4 redirects ads.pubmatic.com
5	dt.adsafeprotected.com	d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
5	www.googletagservices.com	securepubads.g.doubleclick.net d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com www.googletagservices.com
5	c.amazon-adsystem.com	www.wrtv.com c.amazon-adsystem.com
4	ap.lijit.com	4 redirects
4	pixel.advertising.com	4 redirects
4	s.amazon-adsystem.com	2 redirects eb2.3lift.com
4	acdn.adnxs.com	ads.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
4	sync.1rx.io	4 redirects
4	googleads4.g.doubleclick.net	www.wrtv.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com www.wrtv.com
4	prebid-a.rubiconproject.com	ads.rubiconproject.com
4	pixel.quantserve.com	3 redirects www.wrtv.com
4	www.google-analytics.com	www.wrtv.com www.google-analytics.com
4	connect.facebook.net	www.wrtv.com connect.facebook.net
4	use.typekit.net	www.wrtv.com use.typekit.net
3	pixel.onaudience.com	3 redirects
3	match.prod.bidr.io	3 redirects
3	secure.adnxs.com	1 redirects acdn.adnxs.com
3	ups.analytics.yahoo.com	3 redirects
3	ads.pubmatic.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com ads.pubmatic.com
3	token.rubiconproject.com	3 redirects
3	ad.turn.com	3 redirects
3	image6.pubmatic.com	2 redirects ads.pubmatic.com
3	sync-tm.everesttech.net	3 redirects
3	static.adsafeprotected.com	pixel.adsafeprotected.com d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
3	sync.targeting.unrulymedia.com	3 redirects
3	d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.facebook.com	www.wrtv.com
3	g2.gumgum.com	ads.rubiconproject.com
3	ssc.33across.com	ads.rubiconproject.com
3	c2shb.ssp.yahoo.com	ads.rubiconproject.com
3	adservice.google.de	adservice.google.com securepubads.g.doubleclick.net
3	adservice.google.com	4394967.fls.doubleclick.net securepubads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects www.wrtv.com
3	use.fontawesome.com	www.wrtv.com use.fontawesome.com
2	rtb.mfadsrvr.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	p.adsymptotic.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2	sync.go.sonobi.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2	ssum-sec.casalemedia.com	2 redirects
2	rtb.openx.net	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	c.bing.com	eb2.3lift.com
2	px.ads.linkedin.com	eb2.3lift.com
2	rtb.gumgum.com	ads.pubmatic.com
2	ad.360yield.com	2 redirects
2	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	ads.rubiconproject.com
2	sync.serverbid.com	2 redirects
2	pm.w55c.net	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	pixel.adsafeprotected.com	1 redirects d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
2	www.google.com	tpc.googlesyndication.com d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
2	tlx.3lift.com	ads.rubiconproject.com
2	web.hb.ad.cpe.dotomi.com	ads.rubiconproject.com
2	fastlane.rubiconproject.com	ads.rubiconproject.com
2	ewscripps-d.openx.net	ads.rubiconproject.com
2	cdn5.userzoom.com	www.wrtv.com cdn5.userzoom.com
2	api.ewscloud.com	ewscripps.brightspotcdn.com
2	4394967.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	assets.scrippsdigital.com	www.wrtv.com
2	cdn.cookielaw.org	www.wrtv.com cdn.cookielaw.org
2	wrtv.com	2 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	ad4m.at	ads.pubmatic.com
1	csync.loopme.me	1 redirects
1	rtb-csync.smartadserver.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	id.rlcdn.com
1	ssc-cms.33across.com	ads.rubiconproject.com
1	s79.research.de.com	s79.mxcdn.net
1	stat.meetrics.net	s79.mxcdn.net
1	s.ad.smaato.net	1 redirects
1	tr.blismedia.com	d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
1	cms.quantserve.com	d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	s79.mxcdn.net	s0.2mdn.net
1	z.moatads.com	securepubads.g.doubleclick.net
1	rules.quantcount.com	secure.quantserve.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.ewscloud.com	www.wrtv.com
1	api.pymx5.com	pymx5.com
1	hblg.media.net	www.wrtv.com
1	mb.moatads.com	sejs.moatads.com
1	p1.parsely.com	www.wrtv.com
1	pymx5.com	www.googletagmanager.com
1	pixel.sitescout.com	www.wrtv.com
1	secure.quantserve.com	www.wrtv.com
1	cdn.parsely.com	www.wrtv.com
1	p.typekit.net	use.typekit.net
1	ads.rubiconproject.com	www.wrtv.com
1	hbx.media.net	www.wrtv.com
1	sejs.moatads.com	www.wrtv.com
1	www.googletagmanager.com	www.wrtv.com
0	green.erne.co Failed	ads.pubmatic.com
0	id5-sync.com Failed
0	b.collective-media.net Failed	www.wrtv.com
367	137

This site contains links to these domains. Also see Links.

Domain
www.thelisttv.com
www.picklerandben.com
reviews.theindychannel.com
www.youtube.com
support.theindychannel.com
scripps.wd5.myworkdayjobs.com
www.dontwasteyourmoney.com
support.wrtv.com
assets.scrippsdigital.com
scripps.com
publicfiles.fcc.gov
www.theindychannel.com
www.facebook.com
www.instagram.com
www.pinterest.com
twitter.com

Subject Issuer	Validity	Valid
*.scrippsnationalnews.com Amazon	`2021-02-05` - `2022-03-06`	a year	crt.sh
ewscripps.brightspotcdn.com Amazon	`2021-05-30` - `2022-06-28`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.scrippsdigital.com Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-14` - `2021-11-12`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.ewscloud.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-19` - `2022-09-19`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
manager.userzoom.com DigiCert SHA2 Extended Validation Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.pymx5.com Go Daddy Secure Certificate Authority - G2	`2021-09-12` - `2022-09-10`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
ssc.33across.com GTS CA 1D4	`2021-09-28` - `2021-12-27`	3 months	crt.sh
e.serverbid.com R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2021-10-16` - `2022-10-18`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-10-25` - `2022-01-23`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
meetrics.net R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh

This page contains 53 frames:

Primary Page: https://www.wrtv.com/
Frame ID: 959B13A31CCE0EBBFD195FE814E27070
Requests: 120 HTTP requests in this frame

Frame: https://4394967.fls.doubleclick.net/activityi;dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com;~oref=https%3A%2F%2Fwww.wrtv.com%2F
Frame ID: 6EB412C599D6857C896EE137A3EF804B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com;~oref=https%3A%2F%2Fwww.wrtv.com%2F
Frame ID: 1E8BEFE538AA11035249A8C81DDFD0AE
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com;~oref=https%3A%2F%2Fwww.wrtv.com%2F
Frame ID: 8C74995DAF0E4C6FB01D565DA1C41033
Requests: 1 HTTP requests in this frame

Frame: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 68E05E568A1883CCF71FA3D10F68095F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 033836C4BFC5748BE61B302DA737000A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CFCE18F2736F126DF0479246DC35547D
Requests: 2 HTTP requests in this frame

Frame: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9BE762F77E96397C412449DD093EA979
Requests: 24 HTTP requests in this frame

Frame: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Frame ID: B050704391E6E22A0C1F4681881A4468
Requests: 7 HTTP requests in this frame

Frame: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CFA1CEBE27F07951395776017BD2F77A
Requests: 24 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B2C8BB83C07A05321C0561F20FDD02CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNUOze7w6a0m8IrDCE3EdK2TIvyt7tYqMqAevY7sEtB8hHkSSuGXUFJlEh4A4jcpowrwbNsX2V3V1LMpCPXmX2pulXGtJYVVTGtDvCvvIKt2H6Ztcm3DNL56LH-h0W3AkeaR3iYsHBbgtLpJdyHf1C_QjX41F0IVm86rA23pwfeYCCIYrJU
Frame ID: FEAA2C48FE1B5FFEC8972D61DD0F2F05
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhi-vu5tMAE&v=APEucNWaKW44ceqmA1t8lb7GgI8Y-l7K_pTFn4eeORxN0wRrcN2tMNMQprDUZ73f7T4XfAU7IdxXKBpFx_06mqcfzGj6rjv77_lYKrH8Oi7_JzxjwIAIi4ZU6MiTLc8p3ZFUZlGJ26OkH92wQarfBZdoDKx-Z7HIo6YxxnQ_J3bWTqC2b9aNNGM
Frame ID: 51111DB9E6EE09F417BC68689A2FE373
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 153B89C0AD51693CF5FC01D95EBA2885
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6D4A2B2BB29EF27D0BB80747C7D8748C
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Frame ID: 34DBB4BCDE76C7773CBFFE5ECB8FDFCF
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0A35C6E8545EC76641103AA7FD572CA5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5C7E57DFDFB905CE179F9F0304EA7AFB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6F6249ABF50B7C87CB6D50129F4ACF00
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16670014928280162921/index.html
Frame ID: 0B9004A24A3CD64C946C2C4A31B6219A
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 9B51536FFC25433030C92CF26FDBB820
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 7FDB6276B6CA0834D46D20D879A26B5F
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: 2A2CFD5E2A70978AAA55126192367016
Requests: 8 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Frame ID: 3430B739664CE61834EECE3130AE08BE
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 06AAB4F84159E14DDAE390B29E3EDA4F
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0D32D71FD822D1526D10ACF4F0F020CB
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Frame ID: F4BBA7606E87CA3D3D588E71BB6A3013
Requests: 7 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFmFVUByqr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 900BE49B3C716E0481910354C1BB9627
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 66FCB03ED5EFFA2A16F46C97DA88D55B
Requests: 10 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: 55AD5304B8E6AA58A284B1ED403E0078
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 2C1C55BCE6B84F340B289F088D5EB057
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A2552B37AA81B4807473460876D00C47
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: EFED60C11235228F633D695542A9DF32
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: A4DBC446D2033B1A8B4ECB42A3AD4A2B
Requests: 22 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: DD444DEF4AF4940243AEF4A12D665ACF
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: BFC5300D1D119611BFA5B919A1D6E593
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: C574911B6A5E62E70D7E1F46F55B3B54
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 5B37258782B6BA1D8F81FA7E2CF41118
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=0E2FB96E-A800-46A0-9396-441CD19A0B8D
Frame ID: 06DB2C6BF9312B2C794C7172491C12B5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3539097901260284538
Frame ID: 543A44044263D51A61A5240AEAAF9DC0
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: C733A200C65F9BDAAB3316BD0B1389D8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026918035043645590
Frame ID: 373AFC1128CC740EA4BE1735E16BEEED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYSgtQAAAmVOSQAz&gdpr=0&gdpr_consent=
Frame ID: E181D6F84C6B2E449EF96AD3F80BD835
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGvDk7DCUEAABTvw4C0QQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: 91FE9630F483EA49F9877A6209128EDC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 5B7922FF74E666468250060F68921ECB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003
Frame ID: 0A4A56D1358FBB89EFD5AD9DEA1B382E
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 866F60DBEA632F70E0C4C35EABA8319F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F2307C717693E8A78877E17FCCC30A5E
Requests: 1 HTTP requests in this frame

Frame: https://green.erne.co/pubmatic/cm
Frame ID: 06EB7EE69DD2D286D3002E20A5085788
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 9B6AC69E4C094B9CD79D0E59C5A41014
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=22908fd6-6ef7-4bb1-b23d-5c337aa03099-tuct87e2639&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 14F064722DC2DAB5DFEC9854CF5E6F04
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A007433C052139FFF8D3B09EC13B3D2A
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=0E2FB96E-A800-46A0-9396-441CD19A0B8D
Frame ID: 8522595EC4C7A6CBDDD39764D27A9E09
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Indianapolis News and Headlines | WRTV - TV | TheIndyChannel.com

Page URL History Show full URLs

http://wrtv.com/ HTTP 301
https://wrtv.com/ HTTP 301
https://www.wrtv.com/ Page URL

Page Statistics

367
Requests

78 %
HTTPS

28 %
IPv6

85
Domains

137
Subdomains

92
IPs

9
Countries

6926 kB
Transfer

11261 kB
Size

67
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://www.thelisttv.com/
Title: The List

Search URL Search Domain Scan URL

URL: https://www.picklerandben.com/
Title: Pickler and Ben Show

Search URL Search Domain Scan URL

URL: https://reviews.theindychannel.com/
Title: Buying Guide

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/wrtv6
Title: YouTube Channel

Search URL Search Domain Scan URL

URL: http://support.theindychannel.com/support/home?_ga=2.33167033.645926493.1539774147-114775374.1527621328
Title: Support

Search URL Search Domain Scan URL

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers
Title: Careers Search

Search URL Search Domain Scan URL

URL: https://www.dontwasteyourmoney.com/
Title: Don't Waste Your Money

Search URL Search Domain Scan URL

URL: http://support.wrtv.com/support/home
Title: Support

Search URL Search Domain Scan URL

URL: https://assets.scrippsdigital.com/docs/journalism-ethics-guidelines.pdf
Title: Journalism Ethics Guidelines

Search URL Search Domain Scan URL

URL: https://scripps.com/careers/find-a-job/
Title: Careers

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/wrtv
Title: FCC Public Files

Search URL Search Domain Scan URL

URL: https://www.theindychannel.com/public-file-contact-us
Title: Public File Contact

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WRTV6
Title: WRTV6

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rtv6/
Title: rtv6

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/rtv6/
Title: rtv6/

Search URL Search Domain Scan URL

URL: https://twitter.com/wrtv
Title: wrtv

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCfLYcp8eh4VAC8_BBRsHhFg
Title: UCfLYcp8eh4VAC8_BBRsHhFg

Search URL Search Domain Scan URL

URL: https://scripps.com/our-brands/local-media/
Title: Scripps Local Media

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wrtv.com/ HTTP 301
https://wrtv.com/ HTTP 301
https://www.wrtv.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com;~oref=https%3A%2F%2Fwww.wrtv.com%2F HTTP 302
https://4394967.fls.doubleclick.net/activityi;dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com;~oref=https%3A%2F%2Fwww.wrtv.com%2F

Request Chain 62

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1636081843150&ns_c=UTF-8&cv=3.5&c8=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com&c7=https%3A%2F%2Fwww.wrtv.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1636081843150&ns_c=UTF-8&cv=3.5&c8=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com&c7=https%3A%2F%2Fwww.wrtv.com%2F&c9=

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2vy7qyhruMPVwNumjvrSs&google_cver=1

Request Chain 146

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYSgtDPFl2dHHW91wo.sdAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2vy7qyhruMPVwNumjvrSs&google_cver=1&google_hm=2

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJo0ZXQwWL9Nt8s_prgRiJE&google_cver=1

Request Chain 148

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM4NzE1MDk1MTQ5NzU5NTYxOA%3D%3D

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLVp5VIPr7DcefRiH2929c&google_cver=1

Request Chain 162

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGQ2N2ZhNzMtZDcyYS02MGZmLTRmNzEtMDU0YjJiYWViOGI0

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEL47ZDUgM4wwZpMeJOPXXH0&google_cver=1

Request Chain 172

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPLpNwBa99MmLo5JHoqWS5A&google_cver=1&google_push=AYg5qPKcpQxUhIURnM4Wd3dUKpi7IKBmd_yI2mZNpIvOAOCJtNtCeD0u_ES2mI-62vDi9zqTrahQsNepRnHu1gLcDVeAL9QzRhY HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPLpNwBa99MmLo5JHoqWS5A&google_cver=1&google_push=AYg5qPKcpQxUhIURnM4Wd3dUKpi7IKBmd_yI2mZNpIvOAOCJtNtCeD0u_ES2mI-62vDi9zqTrahQsNepRnHu1gLcDVeAL9QzRhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SWw5VmZRR0QxTUlQQ1E1&google_gid=CAESEPLpNwBa99MmLo5JHoqWS5A&google_cver=1&google_push=AYg5qPKcpQxUhIURnM4Wd3dUKpi7IKBmd_yI2mZNpIvOAOCJtNtCeD0u_ES2mI-62vDi9zqTrahQsNepRnHu1gLcDVeAL9QzRhY

Request Chain 173

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIRb6tOjY2wFsJ6ToB4Wp3I&google_cver=1&google_push=AYg5qPKcVc--cpULV9CK_ODn4Y-rWDw_imPSgVM4xLdw2lellOTgfXW1qAXAnuf2iPGT0p5DwEYS-qx9rguj0c3wuOnrK4KiG78 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKcVc--cpULV9CK_ODn4Y-rWDw_imPSgVM4xLdw2lellOTgfXW1qAXAnuf2iPGT0p5DwEYS-qx9rguj0c3wuOnrK4KiG78

Request Chain 175

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKzNhRdGCThFm1atfggBloY&google_cver=1&google_push=AYg5qPI4uUsHgvvYqxLaRZLjgkBl28QMMwrtcPzMmREG2qoGeQHqXQiBYQYSRZPTEGNu89U4w0DkJup7DDnUxEqLJrCmGmkaTQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZMU1ZYVUctWS0yOFcw&google_push=AYg5qPI4uUsHgvvYqxLaRZLjgkBl28QMMwrtcPzMmREG2qoGeQHqXQiBYQYSRZPTEGNu89U4w0DkJup7DDnUxEqLJrCmGmkaTQ

Request Chain 176

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEP8chfTA3nznM3pZ4OPiPOA&google_cver=1&google_push=AYg5qPIWVF5qEi8RHsJuMKVcShBPwKyD8rPjAtqYa_iWI3oEvYD2jRYbigLn7vFCHwjfuw7ioa-X8wig5SLbqf3YGHvIg9uIjg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIWVF5qEi8RHsJuMKVcShBPwKyD8rPjAtqYa_iWI3oEvYD2jRYbigLn7vFCHwjfuw7ioa-X8wig5SLbqf3YGHvIg9uIjg

Request Chain 177

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEASTsLAoWWP7oDiTAQECo9o&google_cver=1&google_push=AYg5qPLFpR160deII8LXm6L4sI6jlPd-UFZ2y7LRXBA98PxlnK-UIBEZe8NrpcB3GKJt-tYIhG8wOE_UI6vFR1QzKJDp8B-HTw HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLFpR160deII8LXm6L4sI6jlPd-UFZ2y7LRXBA98PxlnK-UIBEZe8NrpcB3GKJt-tYIhG8wOE_UI6vFR1QzKJDp8B-HTw%26google_hm%3DA4DOTpmcokp4r_2ZoSxCodo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLFpR160deII8LXm6L4sI6jlPd-UFZ2y7LRXBA98PxlnK-UIBEZe8NrpcB3GKJt-tYIhG8wOE_UI6vFR1QzKJDp8B-HTw&google_hm=A4DOTpmcokp4r_2ZoSxCodo

Request Chain 211

https://pixel.adsafeprotected.com/rfw/st/415630/45225567/skeleton.js?adsafe_url=https%3A%2F%2Fwww.wrtv.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f6cec119-e6f4-effc-decd-8f353b4330a3,c:t3HUbr,sl:na,em:true,fr:false,thd:1,mn:app08ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:244,fm:sNR6GG4+1111%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C15%7C16*.415630-45225567%7C161%7C1621%7C163%7C164%7C165,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:262,oid:f7395ebe-3de5-11ec-aae4-025e58922a4e,v:19.8.263,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 215

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPfyxMSl8C28Cc7dUgoIW6w&google_cver=1&google_push=AYg5qPKRRb6M9WvLJ7yLVnEErUok6d11vs48J6tzmZVK3dvI-CBDUq9Lb8TVG_s_p-VfwKs9Q5pK3cetmDMxxF2D93VjAN-216wL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=l-phhKC0QwCo3oODJgWaeQ&google_push=AYg5qPKRRb6M9WvLJ7yLVnEErUok6d11vs48J6tzmZVK3dvI-CBDUq9Lb8TVG_s_p-VfwKs9Q5pK3cetmDMxxF2D93VjAN-216wL

Request Chain 216

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJRCSnZZXHcvzhmRb6xfIWM&google_cver=1&google_push=AYg5qPLPU_pA_niAMuATEpRrw9m3og8Gf3oQbWYCuHgWaA4HdWnDaUs6jEf5W7Emcn6lIG9t1dW1j6AelGh65VVx60Wj-b8pV-YI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJRCSnZZXHcvzhmRb6xfIWM&google_push=AYg5qPLPU_pA_niAMuATEpRrw9m3og8Gf3oQbWYCuHgWaA4HdWnDaUs6jEf5W7Emcn6lIG9t1dW1j6AelGh65VVx60Wj-b8pV-YI

Request Chain 217

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAGsF-ZU3O2PgayUxsS3dH4&google_cver=1&google_push=AYg5qPJnD8fw1Vcon2KElsrlQbT2j_MrA128pH5hQo6hWv47mvLFkXM5Xo_uFg91zV3y15WZZ75ILkamQQ5J5HoPg8xOghW3XDU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJnD8fw1Vcon2KElsrlQbT2j_MrA128pH5hQo6hWv47mvLFkXM5Xo_uFg91zV3y15WZZ75ILkamQQ5J5HoPg8xOghW3XDU&google_hm=NjI1ODQxOTg0Njg3MzYzOTAwOA%3D%3D

Request Chain 218

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECSt72rMKMnq7KSjTv-m1bY&google_cver=1&google_push=AYg5qPLz3VbaRcI77fMtcMbxO1Py50ROIdOcZZDuu5Mhz0W_7qTJBk83tQ7O4G_j1XrxRrj2mY-HiXGhi-48WEfrTcSHOaTJuvc HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECSt72rMKMnq7KSjTv-m1bY&google_cver=1&google_push=AYg5qPLz3VbaRcI77fMtcMbxO1Py50ROIdOcZZDuu5Mhz0W_7qTJBk83tQ7O4G_j1XrxRrj2mY-HiXGhi-48WEfrTcSHOaTJuvc&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Di-5bqgARqCTlkQc0ZoLjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLz3VbaRcI77fMtcMbxO1Py50ROIdOcZZDuu5Mhz0W_7qTJBk83tQ7O4G_j1XrxRrj2mY-HiXGhi-48WEfrTcSHOaTJuvc

Request Chain 219

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENkORWeq8j69cCD4fwpQP_4&google_cver=1&google_push=AYg5qPLceV1LJrZM_Hc-t5PdHyqMvqI-DB330gbIZdHPOSqtfY1bxlExZvEsYCXjqtqvpOZlTPwupxR1Nrm7XcR0SbiKMoYW9yhG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZMU1ZYVUctWS0yOFcw&google_push=AYg5qPLceV1LJrZM_Hc-t5PdHyqMvqI-DB330gbIZdHPOSqtfY1bxlExZvEsYCXjqtqvpOZlTPwupxR1Nrm7XcR0SbiKMoYW9yhG

Request Chain 220

https://onetag-sys.com/sync/i,19/?google_gid=CAESEBL0XVyzB7ECQWuNDqOVPCo&google_cver=1&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Request Chain 221

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOeUzghlYMciBfq5bZjpG9U&google_cver=1&google_push=AYg5qPIpsQvdpWufj0Zo_FY9o5b7b8kLUFzJeV8Wgy-3750FL7pcvXsDQvAZCc5ailiw2mlk-UYyzCzMMZEbFiqifJm2LNftfWQ9 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIpsQvdpWufj0Zo_FY9o5b7b8kLUFzJeV8Wgy-3750FL7pcvXsDQvAZCc5ailiw2mlk-UYyzCzMMZEbFiqifJm2LNftfWQ9%26google_hm%3DA4DOTpmcokp4r_2ZoSxCodo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIpsQvdpWufj0Zo_FY9o5b7b8kLUFzJeV8Wgy-3750FL7pcvXsDQvAZCc5ailiw2mlk-UYyzCzMMZEbFiqifJm2LNftfWQ9&google_hm=A4DOTpmcokp4r_2ZoSxCodo

Request Chain 247

https://sync.serverbid.com/ss/2000248.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Request Chain 249

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 254

https://sync.serverbid.com/ss/2000248.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Request Chain 255

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 257

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=c4646e2e-1663-4bf9-866e-7621af67c874

Request Chain 258

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOFXSrW3ceimlZZx-U_pe_I5JE1do-t2vimdD6Fg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOFXSrW3ceimlZZx-U_pe_I5JE1do-t2vimdD6Fg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/916/8/2.gif?puid=96310b6f-ccec-4bb2-8745-ddb576156aa4&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFXSrW3ceimlZZx-U_pe_I5JE1do-t2vimdD6Fg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/124/7/3.gif?puid=96310b6f-ccec-4bb2-8745-ddb576156aa4&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/441/146/6/4.gif?puid=8a8cb146-efd1-42aa-9299-8ea49a963497&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEPfHXVKDdV9zVE1c58C838Y&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPfHXVKDdV9zVE1c58C838Y&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2387150951497595618&opid=apx&ops=&utidl=tech:goo:CAESEPfHXVKDdV9zVE1c58C838Y&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A22246664957&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/19/4/6.gif?puid=f4c959eff063f7e52f462011b36c20bb&gdpr=1&gdpr_consent=

Request Chain 260

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=97ea6184-a0b4-4300-a8de-838326059a79

Request Chain 261

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Glg8n01ZZpgBX2HIHggpz0heMc0BXmCbT1ypNooF

Request Chain 262

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9105954489318236834

Request Chain 265

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLVp5VIPr7DcefRiH2929c&google_cver=1

Request Chain 266

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=97ea6184-a0b4-4300-a8de-838326059a79

Request Chain 267

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Glg8n01ZZpgBX2HIHggpz0heMc0BXmCbT1ypNooF

Request Chain 268

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7453374732976846464

Request Chain 271

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLVp5VIPr7DcefRiH2929c&google_cver=1

Request Chain 273

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDHfGOahjLr_LHXYeLng5Jg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 274

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwOTQ1ODg0Njg0MDU1MDQ0MDI%3D

Request Chain 276

https://pr-bh.ybp.yahoo.com/sync/triplelift/15094588468405504402?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-q7Rf6TVE2oSKXWrIjDHitrp.Vpen9o9u7RJwMG7BFg--~A&dongle=0883

Request Chain 279

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=15094588468405504402 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15094588468405504402&dcc=t

Request Chain 280

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 281

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=3894433036581876719&dongle=d407

Request Chain 283

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDHfGOahjLr_LHXYeLng5Jg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 284

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwOTQ1ODg0Njg0MDU1MDQ0MDI%3D

Request Chain 286

https://pr-bh.ybp.yahoo.com/sync/triplelift/15094588468405504402?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-q7Rf6TVE2oSKXWrIjDHitrp.Vpen9o9u7RJwMG7BFg--~A&dongle=0883

Request Chain 289

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=15094588468405504402 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15094588468405504402&dcc=t

Request Chain 290

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 291

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=3966490630619804655&dongle=d407

Request Chain 295

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=97ea6184-a0b4-4300-a8de-838326059a79&expires=28

Request Chain 296

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Jr5NWdY_doQzv4D9iNgblQ?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6258419846873639008

Request Chain 297

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZMU1ZYVUctWS0yOFcw

Request Chain 298

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2U0NGIxOGU2YTExZTE3OTUyYjE4YWRjZGZjNWNjZTQ2OTYzZDFlYw

Request Chain 301

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYSgtQAAAmVOSQAz

Request Chain 302

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM_05ostvLIlRmwT5-naVLI&google_cver=1

Request Chain 303

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 306

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=18d6a676-a7c2-0db2-311d-9fe76017b459

Request Chain 307

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2387150951497595618

Request Chain 308

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPf9f54b07-3de5-11ec-a5a4-066c1c3f3b86 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPf9f54b07-3de5-11ec-a5a4-066c1c3f3b86

Request Chain 309

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYSgtDPFl2dHHW91wo.sdAAA%261144

Request Chain 310

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=283ab5d093028b1f1476b7dc

Request Chain 312

https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.39016335598050667%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid= HTTP 302
https://p.adsymptotic.com/d/px/ue1-sb1-c549adaf-1b21-4536-9708-cbda488d9288

Request Chain 313

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=18d6a676-a7c2-0db2-311d-9fe76017b459

Request Chain 314

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2387150951497595618

Request Chain 315

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPf9f54b07-3de5-11ec-a5a4-066c1c3f3b86 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPf9f54b07-3de5-11ec-a5a4-066c1c3f3b86

Request Chain 316

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYSgtDPFl2dHHW91wo.sdAAA%261144

Request Chain 317

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b88dceccf540e50fabec5cba

Request Chain 319

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 322

https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.9032885969389142%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid= HTTP 302
https://p.adsymptotic.com/d/px/ue1-sb1-c549adaf-1b21-4536-9708-cbda488d9288

Request Chain 330

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3539097901260284538

Request Chain 332

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026918035043645590

Request Chain 333

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYSgtQAAAmVOSQAz&gdpr=0&gdpr_consent=

Request Chain 334

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHdkRrN0RDVUVBQUJUdnc0QzBRUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGvDk7DCUEAABTvw4C0QQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID

Request Chain 335

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 336

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7264695576 HTTP 302
https://sync.1rx.io/usersync/tradedesk/5f06a4a5-a2ef-44da-b26e-a8a6d7046f8c HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003

Request Chain 341

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=22908fd6-6ef7-4bb1-b23d-5c337aa03099-tuct87e2639&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 342

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 344

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Di-5bqgARqCTlkQc0ZoLjQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 345

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97ea6184-a0b4-4300-a8de-838326059a79

Request Chain 346

https://pixel.onaudience.com/?partner=214&mapped=0E2FB96E-A800-46A0-9396-441CD19A0B8D HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f4c959eff063f7e52f462011b36c20bb HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=5f06a4a5-a2ef-44da-b26e-a8a6d7046f8c&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=2a80b3a5394d9976 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=da4e5cb6-93fd-4651-5f66-c0baea23f702&reqId=3f247cdd-4d12-49ca-4863-76ae27169992&zcluid=2a80b3a5394d9976&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEKnZAtkOpyRZduOxTcp81jw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=da4e5cb6-93fd-4651-5f66-c0baea23f702&reqId=3f247cdd-4d12-49ca-4863-76ae27169992&zcluid=2a80b3a5394d9976&zdid=1332

Request Chain 347

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEUyRkI5NkUtQTgwMC00NkEwLTkzOTYtNDQxQ0QxOUEwQjhE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 348

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEJRZDcr1WWLCjy0OOFp9g0&google_cver=1

Request Chain 350

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:97ea6184-a0b4-4300-a8de-838326059a79&gdpr=0&gdpr_consent=

Request Chain 351

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5f06a4a5-a2ef-44da-b26e-a8a6d7046f8c

Request Chain 352

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9105954489318236834

Request Chain 353

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2387150951497595618&gdpr=0&gdpr_consent=

Request Chain 354

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=35Ofh4iSxYDElMLQ28OK142VktXElcODipftnh-D

Request Chain 355

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0E2FB96E-A800-46A0-9396-441CD19A0B8D&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1.jVIzxE2uUqv7jqWCgnHLArIkhkiWU-~A&gdpr=0&gdpr_consent=

Request Chain 357

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=4bc927f8-e822-4db8-a24f-e8aeffe1865a HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=4bc927f8-e822-4db8-a24f-e8aeffe1865a HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ae13abf7-4784-4405-8aab-590cbd18837a&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4bc927f8-e822-4db8-a24f-e8aeffe1865a&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 359

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3894433036581876719&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 360

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 361

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:cd67ef16-2df2-4101-b7e9-29069d857701&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 362

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2387150951497595618

367 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.wrtv.com/
Redirect Chain

http://wrtv.com/
https://wrtv.com/
https://www.wrtv.com/

286 KB
69 KB

443ms
392ms

Document
text/html

18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache Tomcat / Brightspot
Resource Hash: 715a4e5174940eb741273856be9cd6da8ffa530842d10b6713c4f54fa76cbb86

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=240
Content-Encoding: gzip
Date: Fri, 05 Nov 2021 03:10:42 GMT
Server: Apache Tomcat
X-Powered-By: Brightspot
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P5
X-Amz-Cf-Id: illIYz8woCKy4zfu34ywxjZoCyWqmO0GupLFPXuh_Oi89x8Lu5Eivw==

Redirect headers

Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=240
Date: Fri, 05 Nov 2021 03:10:40 GMT
Location: https://www.wrtv.com/
Server: Apache Tomcat
X-Cache: Miss from cloudfront
Via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb9.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
X-Amz-Cf-Id: 6v5_EWski--xpMl9ld9EtZdjUBS4Epike7HvmaO2d0xf2z7gCA_A8A==

GET
H/1.1 200
OK All.min.721da039e12531468b3ac05943138423.gz.css
ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/ 115 KB
21 KB 45ms
7ms Stylesheet
text/css 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.721da039e12531468b3ac05943138423.gz.css
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24d1eca2cdf9523d574152e4ebc006c6e2aefde295e42c09ec07304881af354c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 16:54:10 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 28 Oct 2021 16:54:09 GMT
Server: AmazonS3
Age: 641793
ETag: "1f30e1262dea997fcecf32f1f39137c5"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Length: 21476
X-Amz-Cf-Id: WYBtEEb7bxRGw_Nn9rRef8_vrgwm6gkPk2Zw4pckxdDqfaLaqql6yA==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 73ms
28ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 03:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OPcq+YIYFFKAyM1Ar0weOg==
age: 1479920
vary: Accept-Encoding
content-length: 6350
x-ms-lease-status: unlocked
last-modified: Thu, 14 Oct 2021 05:25:41 GMT
server: cloudflare
etag: 0x8D98ED3103C1468
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 75937fa8-e01e-0075-326c-c45f5d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a92e3fbadf45a0d-MXP
expires: Sat, 13 Nov 2021 03:10:42 GMT

GET
H2 200 tsu4adm.css
use.typekit.net/ 21 KB
2 KB 39ms
18ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tsu4adm.css

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

7cf89686a83932b96590f942f131f107965fde7ad08b3c7fdbba6c9af641bc22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 05 Nov 2021 03:10:42 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1725

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
11 KB 65ms
25ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer: https://www.wrtv.com/
Origin: https://www.wrtv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:42 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2406137
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: HJVKJQ2R24H6XZMZ
x-amz-id-2: EdBuwAdxrZBTq/ec4w99dnwaYBuIN/ded7lHSw395GWi+PV4/Xno9fj1w8blO1BTn6DS2093gPA=
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
server: cloudflare
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSZTvaoMEj8bDJ83Njjr2B1qQGvmyMhXATyHtLVDodCjFKxWEEjR6dE52cYZ8jG8GzQNSFeeAxpfRS0Egys8u2%2Bw34i1ESDgDP4tZ6RqN6mON5pPGE4fKQXRGdxNPC2VabZMygAKEqcGtDuyOAlwC7An"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6a92e3fb9ace375c-MXP

GET
H/1.1 403
Forbidden square--144.png
assets.scrippsdigital.com/cms/images/color_schemes/wrtv/ 0
0 463ms
422ms Image
application/xml 18.66.122.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/color_schemes/wrtv/square--144.png
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/d53fb77/2147483647/strip/true/crop/350x133+0+0/resize/350x133!/quality/90/ 13 KB
13 KB 8ms
7ms Image
image/png 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/d53fb77/2147483647/strip/true/crop/350x133+0+0/resize/350x133!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fa5%2Fa5%2Fe6102e0348e397347bbc24cb6d60%2Fwrtv-main-logo.png
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 8b08a1ea47e0d95f87f369c64fae7bc49765ddcbd2836200757aefd5572b7e64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 06:00:02 GMT
Via: 1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 5692240
ETag: a9819cce06c37ca11fea496eaf7fe2e6
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 12889
X-Amz-Cf-Id: fwhrn-aeDYyrCXV4uDFkdouC86Qkj2Lbyn5SVG0exf4q3po8XDlhKw==
Expires: Wed, 31 Aug 2022 06:00:02 GMT

GET
H/1.1 200
OK Blank.gif
www.wrtv.com/styleguide/assets/ 57 B
475 B 14ms
14ms Image
image/gif 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wrtv.com/styleguide/assets/Blank.gif
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Feb 2021 07:48:41 GMT
Via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache-Coyote/1.1
Age: 23397720
X-Cache: Hit from cloudfront
Content-Type: image/gif;charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-P5
Content-Length: 57
X-Amz-Cf-Id: z0dw6fminfWsZxkyQqCi8qxblpLuHJDlOIL6iFe9o2cxshyPkQdAMg==

GET
H/1.1 200
OK logo-scripps.png
assets.scrippsdigital.com/cms/images/ 3 KB
4 KB 43ms
9ms Image
image/png 18.66.122.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Oct 2017 14:04:11 GMT
Server: AmazonS3
Age: 82975
ETag: "f46791d665054bf21da09492d448e1d2"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Thu, 04 Nov 2021 04:07:48 GMT
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
Content-Length: 3532
X-Amz-Cf-Id: cyXEC9XXA50CqZWFcP-PI3__s-9T49g0abi9AKsXHhN-f18qOfS5Zg==

GET
H/1.1 200
OK All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js Show response
ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/ 427 KB
99 KB 14ms
12ms Script
text/javascript 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da4a85b624e7a71b4aa3827935dae699f7e8769e172ce18dc1ec395967863fbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 16:54:10 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 28 Oct 2021 16:54:10 GMT
Server: AmazonS3
Age: 641793
ETag: "e9115ed9ae76a1acab3581c3c5fe8c6a"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Length: 101117
X-Amz-Cf-Id: 2PuzxTIomPh_WSYaIY77WC5jKJ3CKvTYSCyx8Uh42BUYp7_PKehyQQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
49 KB 67ms
29ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-6TGJ

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bbe7f809fcc3e63c130ae2b3df37a41fc3f97b960a51ef590d1f2090491b122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49791
x-xss-protection: 0
expires: Fri, 05 Nov 2021 03:10:42 GMT

GET
H2 404 000000.json Show response
cdn.cookielaw.org/consent/000000/ 215 B
652 B 209ms
163ms XHR
application/xml 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/000000/000000.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdb63d55a5fe9574b557864313b4926d91691568773d39d44c537d2988930faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 07deffc6-e01e-017a-64f2-d1f4fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6a92e3fc29d959dd-MXP
expires: Fri, 05 Nov 2021 07:10:42 GMT

GET
H/1.1 200
OK yi.js Show response
sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/ 212 KB
75 KB 103ms
33ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8e730ee16a0db99b8f0575bea2e3ef0471019b00e2037fb0d367fbfbb5833248

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:42 GMT
Content-Encoding: gzip
Server: AmazonS3
x-amz-request-id: VMZ43N564KYFNGBW
ETag: "7853c8ebe7f9da77fcaa62deaa61a427"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31816
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: SVUwRf0611+pyM6V6mRbAHemzh8RKQ6CBQ++Zt2jJbbMS1BlYuxfCRX4ZGoskBLjHAZc1ZSdRWQ=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 55ms
7ms Script
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:04:27 GMT
content-encoding: gzip
age: 374
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 1S20M1P30F9BE85BF1CE
etag: fc2e1be4d234471752ea2ebee7e63d1e
vary: Accept-Encoding
x-amz-version-id: Z0IamK7Uj8Cug.ddab3Iex9UsiUM6RCO
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: WKymYDLlml_2RDDWMUgJzplKgZ4EnOx7jGlOyNpbRJWz_HKloK3F8Q==

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 374 KB
96 KB 139ms
69ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.wrtv.com

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5b155fb0f2cb0838d33f68171d2cc0561eaf3ed61e74b35a15e553720bed092a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 05 Nov 2021 03:10:42 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
timing-allow-origin: *
expires: Fri, 05 Nov 2021 03:40:42 GMT

GET
H/1.1 200
OK 5776_Scripps_Local_Stations.js Show response
ads.rubiconproject.com/prebid/ 570 KB
110 KB 47ms
9ms Script
text/javascript 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9e20eb6cc267880b06f424fbf419634df65e2507e5257747c8d3642e539f8282

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 20:11:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=8968
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 112023
Expires: Fri, 05 Nov 2021 05:40:10 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 61ms
13ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:42 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 44ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

80ae1976faf61789462b630ab8e5f7f3ec62dda4929579788b7c54129bdf892b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7yhG4tzbgutOutd5qK1+1A==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: PNcz7+pwuHXNExah5vDAU3pFXpmNESXa5wM0RKXI/wnaS9CHSwRdjSMdPZFJbBN8eFxr/GLoK2iWZByn7Z/LYg==
x-fb-trip-id: 686109401
x-fb-content-md5: 1b9cbb63e06ef92801f4e1d7c68715b4
x-frame-options: DENY
date: Fri, 05 Nov 2021 03:10:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0b61838a487d4ca69b98a09972db5db1"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 05 Nov 2021 03:12:46 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/wrtv.com/ 66 KB
23 KB 64ms
11ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/wrtv.com/p.js
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f465e6c5fafce95c55ae16e9323349b0e064e612a479cd34a3446229f695b694

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Thu, 04 Nov 2021 03:37:30 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 19:25:04 GMT
server: nginx
age: 84792
etag: W/"602ebf10-1070d"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9015971351bc982a04ee209a022bb1f9.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: tvjM8fU76CYCBK7RSZbovkbZFbm_Pk9vdjramrszgMpftgeVyTgyMw==
expires: Fri, 05 Nov 2021 03:37:30 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/d304a37/2147483647/strip/true/crop/1600x900+0+0/resize/320x180!/quality/90/ 124 KB
124 KB 14ms
9ms Image
image/png 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/d304a37/2147483647/strip/true/crop/1600x900+0+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fa7%2F8c%2F9b4fafe44e949f54f79cf1853f3f%2Fcopy-of-pete-chasten-buttigieg-welcome-daughter-son.png
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 8ff003adee31acb3f7990c0e589466bf05d4f7570bd747b2380163173b7d7f92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 19:18:33 GMT
Via: 1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 4953129
ETag: 584725902a9ca60e364b35ff13cd18c8
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 126920
X-Amz-Cf-Id: htJWDinPC0gVQR4DkIpL2JgYayaiFg3pZ3VT0Em4YII8ybvukPYjSA==
Expires: Thu, 08 Sep 2022 19:18:33 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/953f931/2147483647/strip/true/crop/1895x1066+12+0/resize/320x180!/quality/90/ 84 KB
85 KB 15ms
7ms Image
image/png 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/953f931/2147483647/strip/true/crop/1895x1066+12+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F39%2F9a%2F4bb06b4b452e8f77c8b383027ed3%2Fkids.png
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3daa5a737b17aaad97db57eb208a1abe30c08fff56ca279cd8bf4c390d8c7b21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 21:20:50 GMT
Via: 1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 8574592
ETag: 96227388b8c0c7e7a090752be91c3c2a
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 86504
X-Amz-Cf-Id: 9VURNN6Zzecy0aDr33CQv1rLLLPTYwQvPMPGSuvjrBvwdZu8tnsZJA==
Expires: Thu, 28 Jul 2022 21:20:50 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/50b99db/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/ 49 KB
49 KB 29ms
7ms Image
image/png 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/50b99db/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F81%2Fb6%2Fd2a4884444a483f3c2f07e04a2ef%2Fblue-coronavirus-generic.png
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: bf7f02da77004df544f9bca4a08409d1406f981cd7e96718f1cc4bf004fc6069

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 24 Aug 2021 16:54:24 GMT
Via: 1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 6257778
ETag: a2ac4605d8b680c4dc4209832da77362
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 49889
X-Amz-Cf-Id: qVcB2IgI9VqYaRcN1Ji0dB2Bk5RfwGPh54Et27xAjgONFK1i7l3BTg==
Expires: Wed, 24 Aug 2022 16:54:24 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/7e7e543/2147483647/strip/true/crop/0x0+0+0/resize/320x180!/quality/90/ 19 KB
20 KB 25ms
9ms Image
image/jpeg 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/7e7e543/2147483647/strip/true/crop/0x0+0+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fwww.simplemost.com%2Fwp-content%2Fuploads%2F2019%2F09%2FCrime-Scene-Home-Generic-Adobe-500x333.jpeg
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 791a3a7449870a956ba48d6bb19007c2eabb90cd7e55f6e93d97eca2b7e27919

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 17:52:12 GMT
Via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 6686310
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 19851
X-Amz-Cf-Id: e_kB3XaMkkCl3Kr0SOTFFxG2USo86YyIeU8p0tXgJ--f9nJgiSKJbg==
Expires: Fri, 19 Aug 2022 17:52:12 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/76f957e/2147483647/strip/true/crop/1050x591+0+1/resize/1280x720!/quality/90/ 1 MB
1 MB 25ms
13ms Image
image/png 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/76f957e/2147483647/strip/true/crop/1050x591+0+1/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F66%2F96%2F046f15674e1bae558fb137ceab1c%2Fscreen-shot-2021-05-26-at-6.20.08%20PM.png
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 27b9425e1ef516be0b86ff8a57898d9c36ffb195f8b09d0a99a9ef87b18432c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 19:51:21 GMT
Via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 26360
ETag: 6ae6aa6bc688711f034f89f07d741751
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 1201448
X-Amz-Cf-Id: vteD7EUIeTt6VDWy15WlpnYOY1nLUo5a-rggY2dPbk_Rgos0m85New==
Expires: Fri, 04 Nov 2022 19:51:22 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/2a0768f/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/ 617 KB
618 KB 27ms
22ms Image
image/png 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/2a0768f/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F52%2F09%2F5e216a43462298887cb089f29b37%2Fkm2.png
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 4d791ed98864710ccf18afff9e36d5c2df43568f479a476c3ec534be302ff459

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 20:30:48 GMT
Via: 1.1 0341da327f4c4c49034aa07ebeeab1f1.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 23993
ETag: 368fdc51147c8e3f69fc2f8c76ff31ba
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 632048
X-Amz-Cf-Id: _QGN4rT4yTb4UjuPLlqyg4n4zbfoEKRwWTLMlgC-Mfzjvg9Kmqa-gA==
Expires: Fri, 04 Nov 2022 20:30:48 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/b5589ff/2147483647/strip/true/crop/4032x2268+0+378/resize/1280x720!/quality/90/ 174 KB
174 KB 9ms
8ms Image
image/jpeg 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/b5589ff/2147483647/strip/true/crop/4032x2268+0+378/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fc6%2F86%2Fdb661a1d43a48e5fef1170e69404%2Fsaintanne.jpg
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: cb7d2c1252cba35c68a89362b1cf9a6242bbfa93cbd87b403fb49f57feb08ab1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 23:22:36 GMT
Via: 1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 13686
ETag: 4b33d34d0ec45a1522fe85d644f28056
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 177739
X-Amz-Cf-Id: KLTqTv439deysqT6oGgHQjtXLYWGKlwvhkOHyQ4FSLCstjaclwJYNg==
Expires: Fri, 04 Nov 2022 23:22:36 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/e20da14/2147483647/strip/true/crop/1152x648+0+29/resize/1280x720!/quality/90/ 85 KB
86 KB 15ms
9ms Image
image/jpeg 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/e20da14/2147483647/strip/true/crop/1152x648+0+29/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fc0%2F86%2F3ee629fe419da2f34a1b880e5089%2Fholcomb-covid19.JPG
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 1bc57e606d6ad5fd88d325ffe6d59e983dfdb5c9a3c16937c0e2f679501e6277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 18:42:15 GMT
Via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 462507
ETag: cae137f3b0fdf1690a8c5d2105f55330
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 87144
X-Amz-Cf-Id: lPyrFVg2x9w4PrHdtel1dP-zr9LTf8EzlWgKZKfKIcXVJKhnVWge5w==
Expires: Sun, 30 Oct 2022 18:42:15 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/c9d1280/2147483647/strip/true/crop/1049x590+85+0/resize/1280x720!/quality/90/ 101 KB
101 KB 26ms
10ms Image
image/jpeg 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/c9d1280/2147483647/strip/true/crop/1049x590+85+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F9a%2F4d%2F3207828a4fee80cd62e0c0393033%2Fholcomb1.jpg
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 2498b81bdfc16322af8b741ec7cc0e807b2106352c5aed05e9f9cec217587407

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 17:16:31 GMT
Via: 1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 35651
ETag: 12e09e120c9c24fb788aeda0219bee8b
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 103224
X-Amz-Cf-Id: Epebh9wMYlJz1bJGbgPIziLl4Y1mv7wBcft_657cYETyXcexeoq2Xg==
Expires: Fri, 04 Nov 2022 17:16:31 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/6532dc0/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 1 MB
1 MB 9ms
9ms Image
image/png 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/6532dc0/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F45%2Ffd%2F0a48aa624d01b1701bcf6a7b2481%2Fstores.png
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 92b1898dfaca91774710b1b658a19ed5db304cdf8f029cccfbfcac7b65b654bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 20:22:35 GMT
Via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 24487
ETag: c49991115bc05e52dde7bfac15b1f18f
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 1177565
X-Amz-Cf-Id: XIS7XTLLwRzwT1wBofP_SH22aBJV4d2kMLZeWKE1zwiq0sRgIFCZKA==
Expires: Fri, 04 Nov 2022 20:22:35 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 28ms
23ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://www.wrtv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:42 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 272936
cf-ray: 6a92e3fc7b64375c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 59572
x-amz-id-2: rb9GY6zS2MZZRS+HYB6ZnI7s9yyqi2G/96Eb6FWTAdwNZTWy4k+QYS9W6D/ySAIjLMHGoXEOVrg=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "18d2347ab2a9f40ca2247cdb03303d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLnUi4oybiHjqQ%2Bralk7ZWSY%2Brkfbi%2Bz%2F0D2sXD89G1sdOio2brIdZMjP0XStwzwevQ6HFRYGTOsyd2d7kTHj1nZ%2B2KSZdyAfL9xO97Ba8GIxDckv3wdCwxubleIgWdEp5u8P%2FpL9shql%2FIjFwkaGS0B"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: TXZA7MJS946ZS9B9
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 16 KB
16 KB 75ms
24ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.wrtv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:42 GMT
server: nginx
etag: "ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16564

GET
H2 200 l
use.typekit.net/af/8738d8/00000000000000007735e611/30/ 16 KB
17 KB 74ms
23ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d63fa770adfd344ffffd30e315719e539d341a6f71d0d6ad6a5c312a85e95fed

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.wrtv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:42 GMT
server: nginx
etag: "a5565f97e4389f39e94f7880b2c8088023e4d88a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16884

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 16 KB
17 KB 76ms
25ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.wrtv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:42 GMT
server: nginx
etag: "96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16832

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
62 KB 445ms
442ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://www.wrtv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QE9ZPXTAE8FM402T
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 63376
x-amz-id-2: jSYWh6vdgJawsJdEmTZq9iGLB2qdVYv7Okn1n/Tsukl7NXwHwvU7SjQ8ZXpDXG/i/Vp93U61BnU=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "f319eac1c755f9929fd856720ce1695e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUoqs4Jv%2FzxQCMJb0a4w9tu5Bd%2BmZ9VkW6xrzCl%2Bbt84XHFQE9LYApQzd78uZZ0zf4It%2BIRtt5vjCgjDRKEk8oOvpcRYIgzgNLkDwXtYZkIGkSfbncFZa4Hl1Pq9Yp%2FYnzZy6UmXIqXpyTSLTHeqBmiI"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6a92e3fc7b66375c-MXP

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/99fdbb9/2147483647/strip/true/crop/2539x1428+6+0/resize/320x180!/quality/90/ 128 KB
128 KB 372ms
371ms Image
image/png 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/99fdbb9/2147483647/strip/true/crop/2539x1428+6+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F9a%2F34%2F13816988460d9d5b6202882dcf5b%2Fcultural-trail.png
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: fe873ea96b8b3ad704c4d5cf4a6fc3422ba3664b58a993aa9ff33c05a61c3f91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:42 GMT
Via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
Server: Apache
X-Amz-Cf-Pop: FRA56-P5
ETag: e3e8d6f14b3f274696f503fd6cca8df7
X-Cache: Miss from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
Connection: keep-alive
X-Robots-Tag: nofollow
Content-Length: 130681
X-Amz-Cf-Id: UC9nq1aeeHq7GHjz-44TM_Ul0oaC3KrQakVsTvpemv2JcAq1Nz19oA==
Expires: Sat, 05 Nov 2022 03:10:43 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/8f0798a/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/ 12 KB
12 KB 12ms
12ms Image
image/jpeg 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/8f0798a/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F3eb%2F53c3dfd52290407986694c1471cfa82a%2F3ebe929e0f584969845efd344daac01d%2Fposter_4da11235a86941f196ea7c4271732263.jpg
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 44f435231f187f4ac97e0eee3a86356c8dec9b3481d6c5596bf66789e1b86d86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 01:57:11 GMT
Via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 4411
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 11844
X-Amz-Cf-Id: FdGNiidlswr1EM7IDYXgKgZOKf7b7W4uoJjCMUoYSoFiE5GtU-yOZQ==
Expires: Sat, 05 Nov 2022 01:57:11 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/5c1852c/2147483647/strip/true/crop/1278x719+1+0/resize/320x180!/quality/90/ 12 KB
12 KB 11ms
9ms Image
image/jpeg 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/5c1852c/2147483647/strip/true/crop/1278x719+1+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F4d%2F44%2Fcff1c12c440ba2ccc38aaf119528%2Fthumbnail-image.jpg
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 238de8c6c1e688d3104efffdd6544be85d7e4848462573f6c2e4d8f3aa6e7405

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 21:49:20 GMT
Via: 1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 7708882
ETag: b3e967c2fdc4d818c1f8c4b88e65e00f
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 12257
X-Amz-Cf-Id: MSMyjR2TalmBNI9zV0dJZF3uuQqTuPlXjgm99URB_JQ3jxS5nmgsXQ==
Expires: Sun, 07 Aug 2022 21:49:20 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/39179a9/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/ 12 KB
13 KB 358ms
357ms Image
image/jpeg 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/39179a9/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2Ff97%2F53c3dfd52290407986694c1471cfa82a%2Ff97dfbfa9c144a30b7d7054219acb4a0%2Fposter_ea0249ab599b42159b20e8f0bbdf273e.jpg
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 65b04a24d55f9d8d3c632ad9420616ea4932bb3a3ebf20a6829adfbe66a7abd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:42 GMT
Via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
Server: Apache
X-Amz-Cf-Pop: FRA56-P5
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
Connection: keep-alive
X-Robots-Tag: nofollow
Content-Length: 12701
X-Amz-Cf-Id: LN61PZ2ikxKzk9e8k_3SQXJrYD49aJQj7fy2x7217ehE64I9IdEl0w==
Expires: Sat, 05 Nov 2022 03:10:43 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/e26c84e/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/ 10 KB
10 KB 345ms
344ms Image
image/jpeg 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/e26c84e/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2Ff4b%2F53c3dfd52290407986694c1471cfa82a%2Ff4b3d14bbea14ecba62512104ad4b219%2Fposter_74350f6502e143a184d257d8c203d5c6.jpg
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 5ba51c9b5c00b171e74d1ddffbff8c203722cd9f3e5e9f9be281b2ac147d9ec1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:42 GMT
Via: 1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront)
Server: Apache
X-Amz-Cf-Pop: FRA56-P5
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
Connection: keep-alive
X-Robots-Tag: nofollow
Content-Length: 10027
X-Amz-Cf-Id: A5dVZ1ZbBx625RwYVU_Mbqa93bLds9BbU64PNFi03ogFZOGB8SEBDw==
Expires: Sat, 05 Nov 2022 03:10:43 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/04f7187/2147483647/strip/true/crop/2001x1501+0+0/resize/480x360!/quality/90/ 261 KB
262 KB 14ms
14ms Image
image/png 18.66.112.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/04f7187/2147483647/strip/true/crop/2001x1501+0+0/resize/480x360!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fc3%2F94%2F20a9e5ef4546a0e201a49a9be81b%2Fwrtv-ott-web-ads-02.png
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 550f761ba0cb70dcdc070ac4882b07938ff28b5c929b6fa9398adad8dbb481a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 14:31:50 GMT
Via: 1.1 0341da327f4c4c49034aa07ebeeab1f1.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 8426331
ETag: 30af07059b6be07c45983a59a57d34eb
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 267297
X-Amz-Cf-Id: 1JYy2n1HCDBkKOH-9wiqluQIHRa_KIDDMXV7bQIPjSlWj30awf8IxQ==
Expires: Sat, 30 Jul 2022 14:31:51 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 271 KB
76 KB 28ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=88a7ca8bdde31661aaa1865171cdd8f6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e73f2f89081c70fd95c04342942dc33140323644a575ccc8ceb290f1aaf885a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.wrtv.com/
Origin: https://www.wrtv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /rMKUHnIMEodJJAeaMZbgQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 78045
x-fb-rlafr: 0
x-fb-debug: 8pcfTeVHyn8SmTHYADk26Tipv+14Mh89ZODnFW/A2FbDt/RB1RyHgCWHaR1pF3lqQ2HtpOxRGvvdkiq3h55eRg==
x-fb-content-md5: 0d832232ce9c87115057dda1faa132cb
x-frame-options: DENY
date: Fri, 05 Nov 2021 03:10:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "283fab56eb3be69094dcc7195f60acec"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 04 Nov 2022 20:55:48 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
302 B 374ms
372ms XHR
text/plain 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.wrtv.com%2F
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:42 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.wrtv.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: FNsYvf9FdyP4YdlTpbrUI3uJE4klOf3w2LYRQOMgogZCKgSJqhqCDw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
7ms XHR
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 7104
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Fri, 05 Nov 2021 02:48:20 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 4360596ad590d8363ce70eb7bf282e43.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: T4x1qQor1ldi9fb5CTf2yuDmzWJfVeLrhT9DusNuwrN034ybAb8e-Q==

GET
H3

200

activityi;dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20... Show response
4394967.fls.doubleclick.net/ Frame 6EB4
Redirect Chain

https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%...
https://4394967.fls.doubleclick.net/activityi;dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapol...

578 B
467 B

34ms
18ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4394967.fls.doubleclick.net/activityi;dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com;~oref=https%3A%2F%2Fwww.wrtv.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6TGJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

1c6170bba9d955d449e579b8bd5389307e4e80c7483c89220b3e809fdd72575e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 05 Nov 2021 03:10:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 05 Nov 2021 03:10:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4394967.fls.doubleclick.net/activityi;dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com;~oref=https%3A%2F%2Fwww.wrtv.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 /
api.ewscloud.com/prod/scheduler/v1/com.theindychannel/schedules/current/ Frame 0
0 139ms
99ms Preflight
application/json 13.32.121.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.theindychannel/schedules/current/?type=web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-32.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://www.wrtv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Fri, 05 Nov 2021 03:10:43 GMT
x-amzn-requestid: 1c2680af-d505-4439-bb1f-65c09bf46369
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: IT4MAFVcoAMF5Fg=
access-control-allow-methods: GET,OPTIONS
x-amzn-trace-id: Root=1-6184a0b3-49942bb2236344782367f518
x-cache: Miss from cloudfront
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Nw1jSwXI8opPceE_BNgYEJl7wb2uvegtioDvjq8BYRZcKcbSoDUrCg==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 27ms
8ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 02:25:32 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 2712
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: hh4LwL1kTa33fbIsi_VtGvgg66rln57_86TRfNjrmOGv7uOLfl590g==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 359ms
19ms Script
application/javascript 91.228.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 53d91fb2b51a3daa0645f78f71b29e695f42b0ac6db0d29f7fc7e5e38c3ffb7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
etag: "4zy+3zXYb8Q7og5Af8HrBg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 12 Nov 2021 03:10:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 58ms
15ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 4176
date: Fri, 05 Nov 2021 02:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 05 Nov 2021 04:01:06 GMT

GET
H/1.1 200
OK uz_til_us.js Show response
cdn5.userzoom.com/trueintent/js/ 48 KB
12 KB 585ms
10ms Script
application/x-javascript 209.197.3.16
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn5.userzoom.com/trueintent/js/uz_til_us.js?cuid=D42D89CC6BCDE41180C90050569444FB

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.197.3.16 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x010.map2.ssl.hwcdn.net

Software

Resource Hash

0ff30c727916819b4af43b6496baea6d056c41930de5e4d845df18e74fcdec07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Nov 2021 12:20:14 GMT
ETag: "1636028414"
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-HW: 1636081842.dop243.fr8.t,1636081843.cds165.fr8.shn,1636081843.dop243.fr8.t,1636081843.cds242.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=10
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 12158

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: aWNkBC2ymbn1NP3UFTFR7Hti3GQAf3EOPNylA7EeUNYl1l/9Q6sPe+MVBX2GgSSJYHP+iret+P9JeJdqd33BWg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 05 Nov 2021 03:10:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK weather Show response
www.wrtv.com/ 98 KB
99 KB 12ms
12ms Fetch
application/json 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wrtv.com/weather?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache Tomcat / Brightspot
Resource Hash: a262609407cbb70bd44a89eda0853d7ba07d3f98880841fccd71c30238d2d255

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:07:23 GMT
Via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache Tomcat
Age: 199
X-Powered-By: Brightspot
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 100843
X-Amz-Cf-Id: -BZNARj2OXpmtVmlpvthn14ypHWbUzWoqYi4taXBFyJ0--0LnmaZrQ==

GET
H/1.1 200
OK breaking-news-alerts Show response
www.wrtv.com/ 75 KB
75 KB 27ms
10ms Fetch
application/json 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wrtv.com/breaking-news-alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache Tomcat / Brightspot
Resource Hash: 3de434e6eb6771d323cfb65d49fc87b31956ac1875514cc73847c148738cfff5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:07:23 GMT
Via: 1.1 604f8ac78ed3ba5235c1a14794f2ac65.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache Tomcat
Age: 199
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
X-Amz-Cf-Id: cAwBXCuLyKi5FaNV9lEzC3AGIn4LjP6P0dn7dJb7W7gS9qIdggVSig==

GET
H/1.1 200
OK alerts Show response
www.wrtv.com/weather/ 80 KB
81 KB 26ms
10ms Fetch
application/json 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wrtv.com/weather/alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache Tomcat / Brightspot
Resource Hash: 503cb5822ad9aff8296f27f9b4581beb083dd3fc1e3f7718e769da60cc2b3d31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:07:23 GMT
Via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache Tomcat
Age: 198
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
X-Amz-Cf-Id: w5fyn687N_FOu-l77Y1nZL4NtuM9TqZJdvQXp-9g67n1KHmPmBBa1Q==

GET
H/1.1 200
OK school-closings-delays Show response
www.wrtv.com/weather/ 81 KB
81 KB 25ms
8ms Fetch
application/json 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wrtv.com/weather/school-closings-delays?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache Tomcat / Brightspot
Resource Hash: ed4df6238ca64b99aa06ef11cab960ba98cc5e85185836408c375dcde34380ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:07:23 GMT
Via: 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache Tomcat
Age: 199
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
X-Amz-Cf-Id: 4WTLLFZ3HiJPhIiEMlhmE6NjMKjkn8I2twVsML7KVSJVeSixaUsNWA==

GET
H2 200 / Show response
api.ewscloud.com/prod/scheduler/v1/com.theindychannel/schedules/current/ 4 KB
4 KB 1873ms
1871ms Fetch
application/json 13.32.121.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.theindychannel/schedules/current/?type=web
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-32.fra60.r.cloudfront.net
Software: /
Resource Hash: 2418c3c8e840534e1195fcad78b65a278a76696d2c745c387126d9a9acdf8759

Request headers

Authorization: Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:44 GMT
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 2ac0447c-080d-45ef-83d4-4b76c9492716
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6184a0b3-60bedbac69c130e04e2930a6
x-amz-apigw-id: IT4MCHYeIAMFrUw=
content-length: 4022
x-amz-cf-id: uxJVBxuDQIcLejd2cGP4wM6K23ac7bW7sNzM5z708P9u0BMl8-8j9A==

GET o4vr
b.collective-media.net/seg/cm/ 0
0

GET
H2 204 88f2a0fd9298a35d
pixel.sitescout.com/iap/ 0
191 B 76ms
24ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/88f2a0fd9298a35d
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:42 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 load_tags.js Show response
pymx5.com/scripts/ 9 KB
9 KB 48ms
7ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/load_tags.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6TGJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 02:38:55 GMT
age: 1907
x-guploader-uploadid: ADPycdv0gasoPaIrhghQNFut-dyeM0t_eILKRRt-1lfs_waO2PVM09uJk4asCMQ-lHlCarslcn96eHnWcmd28MkVlbI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 8946
last-modified: Tue, 12 Oct 2021 11:44:47 GMT
server: UploadServer
etag: "f6b06694767e707999eecbe9538b403a"
x-goog-hash: crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation: 1632835430711886
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 8946
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Nov 2021 03:38:55 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 419ms
98ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1636081842951&plid=34160518&idsite=wrtv.com&url=https%3A%2F%2Fwww.wrtv.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.wrtv.com%2F&sref=&sts=1636081842941&slts=0&title=Indianapolis+News+and+Headlines+%7C+WRTV+-+TV+%7C+TheIndyChannel.com&date=Fri+Nov+05+2021+03%3A10%3A42+GMT%2B0000+(GMT)&action=pageview&pvid=42114357&u=pid%3D7aad4a2448cb098579ee9f598b9f8817
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:43 GMT
Cache-Control: no-cache
Last-Modified: Friday, 05-Nov-2021 03:10:43 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 1 KB
1 KB 101ms
35ms Script
text/html 3.10.67.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-au92djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-WC5uNxErYklCYg%3D%3D&sc=1&os=1-Lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wrtv.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=999788427589&callback=MoatNadoAllJsonpRequest_48735420
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.67.38 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-67-38.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 6250e7e7c6d6d72adbe9ab8b688ac1250d83f0796a131e76afbedae83616775b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "a8832b107eb6e2e65b35511d4c636153c2fd53e0"
content-length: 1331
content-type: text/html; charset=UTF-8

GET
H2 200 log
hblg.media.net/ 35 B
194 B 27ms
18ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=wrtv.com&servname=ssp-serving-6585669d88-stxm6&svr=110212_302_110212_270_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001636081843085032397757441720&sspAbBucket=CONTROL&lw=1&dapp=green&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&abte=SSP_CLIENT&rtype=&lbr=0&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&a=0&r=209&lper=1&requrl=https%3A%2F%2Fwww.wrtv.com%2F&kwrf=
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:43 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 05 Nov 2021 03:10:43 GMT

GET
H2 200 load_optional_tags Show response
api.pymx5.com/v1/sites/ 0
711 B 155ms
122ms Script
text/html 34.96.74.203
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pymx5.com/v1/sites/load_optional_tags

Requested by

Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

203.74.96.34.bc.googleusercontent.com

Software

nginx/1.13.7 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
via: 1.1 google
server: nginx/1.13.7
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 0

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 22ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 02:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 Nov 2021 03:41:44 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1636081843150&ns_c=UTF-8&cv=3.5&c8=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com&c7=https%3A%2F%2Fw...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1636081843150&ns_c=UTF-8&cv=3.5&c8=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com&c7=https%3A%2F%2F...

64 B
331 B

9ms
9ms

Image
image/gif

13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1636081843150&ns_c=UTF-8&cv=3.5&c8=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com&c7=https%3A%2F%2Fwww.wrtv.com%2F&c9=
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: H2
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: NhB1ewpA2zK34hg5WWCL5dSmdpwkskZhH-DUr874NUX-IIZBybZoLA==

Redirect headers

date: Fri, 05 Nov 2021 03:10:43 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1636081843150&ns_c=UTF-8&cv=3.5&c8=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com&c7=https%3A%2F%2Fwww.wrtv.com%2F&c9=
content-length: 238
x-amz-cf-id: ceQaMHS9D08BvlV6V1QmSEj9XVZY5BCvxd4OrWwP30W64WHCF5MQEw==

GET
H3 200 292820581178899 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 448ms
448ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/292820581178899?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

329aa836249733720be7e19c5bb2157567a4d552095ab6add694b5386aab89ff

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 1M5avG7rwmEfmGhS7cAA0bEUyBUTN43um0kuK74zqWp4JjqAAjcyJpXdDZiO3E2ePwb3EKkJdPc+wsRRCRQHHg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 05 Nov 2021 03:10:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clear.png
static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/ 2 KB
3 KB 50ms
8ms Image
image/png 2600:9000:236e:d400:10:618e:d880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/clear.png
Requested by: Host: www.wrtv.com
URL: https://www.wrtv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:d400:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2878c06eaa36809d2bf556a97ac803fa0870241e075817b5310e9b0410cc66d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: EqVxYzNBkMLoIheTLGnVsHoesYc_VCFl
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
last-modified: Thu, 28 Oct 2021 15:57:11 GMT
server: AmazonS3
age: 234
etag: "fc75b0aa31f555c7c7e2145d8789524c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
date: Fri, 05 Nov 2021 03:07:33 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 2382
x-amz-cf-id: mnkHDM6G6jNvz2hxj3pFSKtswAdo-QUQL0-qDy0_vtBr_Y1g8z3J1g==

GET
H2 200 dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%2... Show response
adservice.google.com/ddm/fls/i/ Frame 1E8B 577 B
911 B 89ms
50ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com;~oref=https%3A%2F%2Fwww.wrtv.com%2F

Requested by

Host: 4394967.fls.doubleclick.net
URL: https://4394967.fls.doubleclick.net/activityi;dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com;~oref=https%3A%2F%2Fwww.wrtv.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

063fcf2d3504e33bf708d234b7b5cc5144ca74761645f9e3a2b3671be11b4c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4394967.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 05 Nov 2021 03:10:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 51ms
19ms Script
text/javascript 142.250.102.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f156.1e100.net

Software

sffe /

Resource Hash

97c74d78f4f2ebb9045bd495787fcaa9ae9fd6d0d755b1a689a4e7874875e4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1034 / 707 of 1000 / last-modified: 1636063715"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27086
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Nov 2021 03:10:43 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 67ms
21ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-40542550-1&cid=601809553.1636081843&jid=1078201912&gjid=230675027&_gid=1970992711.1636081843&_u=aGBAiEAjBAAAAE~&z=968622568

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Nov 2021 03:10:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.wrtv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=878812101&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wrtv.com%2F&ul=en-us&de=UTF-8&dt=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEAjBAAAAG~&jid=986257398&gjid=1626652740&cid=601809553.1636081843&tid=UA-40066851-1&_gid=1970992711.1636081843&_r=1&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd31=false&cd33=false&gtm=2wgb316TGJ&cd34=false&z=1442742807

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wrtv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=878812101&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wrtv.com%2F&ul=en-us&de=UTF-8&dt=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjB~&jid=1078201912&gjid=230675027&cid=601809553.1636081843&tid=UA-40542550-1&_gid=1970992711.1636081843&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd31=false&z=1620717100

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Nov 2021 11:49:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55280
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 35ms
20ms Script
text/javascript 142.250.102.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.102.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f156.1e100.net

Software

sffe /

Resource Hash

50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118932
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Nov 2021 03:10:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 75 B
100 B 38ms
22ms XHR
application/json 142.250.102.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wrtv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.102.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f156.1e100.net

Software

cafe /

Resource Hash

9e54df99fb4bf0d574f14d9b099f37aaa02823b1767f09505877fbae29f86daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75
x-xss-protection: 0
expires: Fri, 05 Nov 2021 03:10:43 GMT

GET
H2 200 dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%2... Show response
adservice.google.de/ddm/fls/i/ Frame 8C74 194 B
870 B 89ms
51ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com;~oref=https%3A%2F%2Fwww.wrtv.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COGWy-ifgPQCFeTMEQgd9PALaA;src=4394967;type=wrtvy0;cat=pc_tt0;ord=1294791758678;gtm=2wgb31;auiddc=226850752.1636081843;u1=Homepage;u2=Indianapolis%20News%20and%20Headlines%20%7C%20WRTV%20-%20TV%20%7C%20TheIndyChannel.com;~oref=https%3A%2F%2Fwww.wrtv.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 05 Nov 2021 03:10:43 GMT
expires: Fri, 05 Nov 2021 03:10:43 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rules-p-cfh7-Kj7hw4Cs.js Show response
rules.quantcount.com/ 1 KB
1 KB 46ms
14ms Script
application/javascript 2600:9000:224a:5c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-cfh7-Kj7hw4Cs.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 02:31:29 GMT
content-encoding: gzip
age: 2450
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Wed, 30 Aug 2017 16:19:22 GMT
server: AmazonS3
etag: W/"021b7e04f30cea21812673c831b1b679"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: KelP6n5xZrEr4Ppoa5qgPgQ0jOilxknkgVs6Cr0uPljS2l-T3RG0og==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
532 B 50ms
50ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.wrtv.com%2F&pid=pEWjelCIRGoAH&cb=0&ws=1600x1200&v=7.70.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: V9F5SJFJXM5EZ67C0K7R
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.wrtv.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: x0z9OasZml35j6tHuxZyRukTUJeoLGt9ZguqMUltjNPk5LVcWIXA7Q==

GET
H2 200 arj Show response
ewscripps-d.openx.net/w/1.0/ 172 B
557 B 52ms
22ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wrtv.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=713bedb6-79e7-4645-a275-5f6d9d07fc28%2C8d6b5819-d2f4-448b-9d5d-aa99e18340c8&nocache=1636081843386&aus=728x90%7C300x600%2C300x250&divids=MAD_INVIEW%2CMAD_RIGHT_RAIL&aucs=%252F6088%252Fssp.wrtv%252Finview-bottom%2C%252F6088%252Fssp.wrtv%252Fhome%252Flanding&auid=544041483%2C544041480
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 38b8be128d6bec260bf46332765126b601fcf1bcacd040a534c205904a845389

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.wrtv.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
290 B 121ms
69ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691c501797961dc1a62878e7b003a&pos=8a969c0301797961d75b62917fa1006f&cmd=bid&secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ff0ea6ee4e4ee277f03a0df99cc1308500aaf0df8d9f3883ecb99f3d8944115e

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wrtv.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 136ms
84ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691c501797961dc1a62878e7b003a&pos=8a9691c501797961dc1a62917ea20066&cmd=bid&secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 2c485823563af366324daa7545d7eb9907eb4621a6adce9ad40e1023a5afeeb1

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wrtv.com
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 482 B
2 KB 432ms
356ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1953980%3B1953978&size_id=2%3B15&alt_size_ids=%3B10&rf=https%3A%2F%2Fwww.wrtv.com%2F&tg_i.aupname=%2F6088%2Fssp.wrtv%26mad_inview%3B%2F6088%2Fssp.wrtv%26mad_right_rail&tg_i.dfp_ad_unit_code=6088%2Fssp.wrtv%2Finview-bottom%3B6088%2Fssp.wrtv%2Fhome%2Flanding&tg_i.pbadslot=6088%2Fssp.wrtv%2Finview-bottom%3B6088%2Fssp.wrtv%2Fhome%2Flanding&tk_flint=dmpbjs_v5.11.0&x_source.tid=713bedb6-79e7-4645-a275-5f6d9d07fc28%3B8d6b5819-d2f4-448b-9d5d-aa99e18340c8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.38505382401108856
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 760a8b00e4f3370e3cfd72aa7c2bc34b67ad4ab2f3cabfaae940d280a5a76399

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:43 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.wrtv.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 482
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
149 B 148ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bzlhpCByqr67OuaKj0P0Le
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b24914259251d062eddc8f6e9e4c01ca30fad06e709d049c8dfcf119636d9357

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wrtv.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
296 B 145ms
98ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bwGav8Byqr67OuaKj0P0Le
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 33f9695dbc249bb9dbc3592edac7e629eaa2317ec8e46579ce19513f1860a6dc

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wrtv.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
982 B 315ms
110ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wrtv.com
date: Fri, 05 Nov 2021 03:10:43 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
8 KB 138ms
94ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d9317eccc74c9de7348ee6a5b965f04a6e1c4ea60d8f9edb79a0c33997bbf346

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 05 Nov 2021 03:10:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ec302aeb-86b8-4d6c-ad25-fcde771d2254
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.wrtv.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 300 B
483 B 84ms
13ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 8460a62315008ce0bdf05518585bcb432c037c67fb53b28b8542c8670aaeddfc

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:43 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.wrtv.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 300
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 969 B
1 KB 124ms
49ms XHR
application/json 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=c8lj8tzz&pi=3&maxw=728&maxh=90&si=112989&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wrtv.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.wrtv.com%2F&ns=9421&gpid=%2F6088%2Fssp.wrtv%2Finview-bottom
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 71cddfddb060a8f5e31dc12a421140d8c51f5bc2aaee694db88ec9f43d29b74d

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.wrtv.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 124ms
49ms XHR
application/json 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=c8lj8tzz&pi=3&maxw=300&maxh=600&si=112988&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wrtv.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.wrtv.com%2F&ns=9421&gpid=%2F6088%2Fssp.wrtv%2Fhome%2Flanding
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 60776a7bb86055bba4957444d1485789c9c1253a97bf739262fd1f7fc37faed2

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.wrtv.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
261 B 125ms
84ms XHR
application/json 18.184.229.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=5.11.0&referrer=https%3A%2F%2Fwww.wrtv.com%2F&tmax=2000

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.229.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-229-226.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:43 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wrtv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
531 B 50ms
49ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.wrtv.com%2F&pid=pEWjelCIRGoAH&cb=1&ws=1600x1200&v=7.70.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_HOMEPAGE_SHOWCASE%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: X1NGTXRM6EGPNKERA9W3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.wrtv.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 564TV2Tf0tS1UBtc1azAvvh7kKQILhLXFVdOEQRWQewyzaINQlPM5Q==

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
166 B 277ms
98ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wrtv.com
date: Fri, 05 Nov 2021 03:10:43 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

POST
H2 200 auction Show response
tlx.3lift.com/header/ 2 KB
1 KB 71ms
57ms XHR
application/json 18.184.229.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=5.11.0&referrer=https%3A%2F%2Fwww.wrtv.com%2F&tmax=2000

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.229.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-229-226.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e0d9d93e3f8e572c6a1d8dbb0a11e5ab04df9363747d42929bf3dd17babc81a1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wrtv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1119
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 92ms
48ms XHR
application/json 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=c8lj8tzz&pi=3&maxw=970&maxh=250&si=112991&bf=970x250%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wrtv.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.wrtv.com%2F&ns=9421&gpid=%2F6088%2Fssp.wrtv%2Fhome%2Flanding
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cfcf3066f6f44ee446d0ecf54cc497c774b8c37d6827d7af4d0da77ee5ab31d1

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.wrtv.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 381 B
1 KB 330ms
266ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1953984&size_id=2&alt_size_ids=57&rf=https%3A%2F%2Fwww.wrtv.com%2F&tg_i.aupname=%2F6088%2Fssp.wrtv&tg_i.dfp_ad_unit_code=6088%2Fssp.wrtv%2Fhome%2Flanding&tg_i.pbadslot=6088%2Fssp.wrtv%2Fhome%2Flanding&tk_flint=dmpbjs_v5.11.0&x_source.tid=f39f2bcf-d993-4da5-a413-506942bf780f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3149717333954061
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 61e9dfd37f26ea074697ea04a94b7ab89e6a8f369fcbc566819d4829487d63ee

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:43 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.wrtv.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 381
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 11 KB
6 KB 111ms
77ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

adfb421fb669d0bc6f5fda9035563b5b83c7e6d650a6c1e24282bd47c2b26fe8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 05 Nov 2021 03:10:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d25c8f5d-5cc2-49ab-8192-c347342f4172
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.wrtv.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 106ms
103ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bFmFVUByqr67OuaKj0P0Le
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 76cda8d31567864a9d065b134f3b6bb7a6566897e502c1a6d0fb4375f967ff25

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wrtv.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 213 B
395 B 42ms
14ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 37e9921f5adef76c836337480f19a92a0db12b090db1426cfa1460df71477e72

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:43 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.wrtv.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 213
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 72ms
71ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691c501797961dc1a62878e7b003a&pos=8a96941601797961e0d762917da70071&cmd=bid&secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 3e72f6c9463b9472abed90e6ce582f906042ee5777cead3c13100f8bb29ede4f

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wrtv.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 arj Show response
ewscripps-d.openx.net/w/1.0/ 172 B
355 B 25ms
24ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wrtv.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f39f2bcf-d993-4da5-a413-506942bf780f&nocache=1636081843435&aus=970x250%2C728x90&divids=MAD_HOMEPAGE_SHOWCASE&aucs=%252F6088%252Fssp.wrtv%252Fhome%252Flanding&auid=544041489
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 8ce0ab5a804abbab5e0e15fa77967b6561c556f37ec9dedd590b1100e9fc0a24

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.wrtv.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pixel;r=78676418;labels=Cracked.Article%20Title.Homepage;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.wrtv.com%2F;uht=2;fpan=1;fpa=P0-360651563-1636081843444;pbc=;ns=0;ce=1;qjs=1;qv=11b7ea70-202111...
pixel.quantserve.com/ 35 B
371 B 24ms
23ms Image
image/gif 91.228.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=78676418;labels=Cracked.Article%20Title.Homepage;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.wrtv.com%2F;uht=2;fpan=1;fpa=P0-360651563-1636081843444;pbc=;ns=0;ce=1;qjs=1;qv=11b7ea70-20211103205804;cm=;gdpr=0;ref=;d=wrtv.com;je=0;sr=1600x1200x24;dst=0;et=1636081843444;tzo=0;ogl=title.Homepage%2Curl.https%3A%2F%2Fwww%252Ewrtv%252Ecom%2F%2Cimage.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2Fdf37feb%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Aurl.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2Fdf37feb%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Asecure_url.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2Fdf37feb%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fpng%2Csite_name.WRTV%2Ctype.website%2Cdescription.

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK voc.js Show response
cdn5.userzoom.com/voc/files/3D9698FA3649E61180CC0050569444FB/ 8 B
500 B 9ms
8ms Script
application/x-javascript 209.197.3.16
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn5.userzoom.com/voc/files/3D9698FA3649E61180CC0050569444FB/voc.js

Requested by

Host: cdn5.userzoom.com
URL: https://cdn5.userzoom.com/trueintent/js/uz_til_us.js?cuid=D42D89CC6BCDE41180C90050569444FB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.197.3.16 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x010.map2.ssl.hwcdn.net

Software

Resource Hash

88e071a02a5adf92b172da587c1d4469a2984108aa6d90ab042f2887859d053e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Oct 2021 01:29:29 GMT
ETag: "1634779769"
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-HW: 1636081842.dop243.fr8.t,1636081843.cds165.fr8.shn,1636081843.dop243.fr8.t,1636081843.cds248.fr8.c
Content-Type: application/x-javascript; charset=utf-16
Cache-Control: public, max-age=10
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 28

GET
H2 200 /
www.facebook.com/tr/ 44 B
426 B 22ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=292820581178899&ev=PageView&dl=https%3A%2F%2Fwww.wrtv.com%2F&rl=&if=false&ts=1636081843633&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636081843632.1974280706&it=1636081843156&coo=false&rqm=GET

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 05 Nov 2021 03:10:43 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
215 B 22ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=292820581178899&ev=ViewContent&dl=https%3A%2F%2Fwww.wrtv.com%2F&rl=&if=false&ts=1636081843636&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636081843632.1974280706&it=1636081843156&coo=false&rqm=GET

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 05 Nov 2021 03:10:43 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 47ms
24ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wrtv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 44ms
23ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wrtv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 362ms
360ms XHR
text/plain 142.250.102.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3010810008861259&correlator=342061730923143&output=ldjh&impl=fifs&eid=31063406&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211105&iu_parts=6088%2Cssp.wrtv%2Chome%2Clanding&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C728x90&prev_scp=categories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C7%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D30-39%26weather%3Dclear%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D48b58972d7fe883%26hb_bidder_appnexus%3Dappnexus%26hb_format_triplelift%3Dbanner%26hb_size_triplelift%3D970x250%26hb_pb_triplelift%3D0.02%26hb_adid_triplelift%3D46a1d834cc43a58%26hb_bidder_triplelift%3Dtriplelift%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.02%26hb_adid%3D46a1d834cc43a58%26hb_bidder%3Dtriplelift&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%252Cgv_arms%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1636081843&dt=1636081843782&dlt=1636081842433&idt=911&frm=20&biw=1600&bih=1200&oid=2&adxs=70&adys=1524&adks=1554682103&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wrtv.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1460x30&msz=1460x30&ga_vid=601809553.1636081843&ga_sid=1636081844&ga_hid=878812101&ga_fc=true&fws=4&ohw=1500&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.102.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f156.1e100.net

Software

cafe /

Resource Hash

7befcf8b8028debcdbeeed86c17c52b284d3530a35e08ce6845fbcff0bec5f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wrtv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 63ms
26ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5a90e8bf01ccadf59f8078428407bc084c98f22f0918f7d7c3483287083a775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9164
x-xss-protection: 0

GET
H2 200 container.html Show response
d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 68E0 6 KB
4 KB 51ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 05 Nov 2021 03:10:43 GMT
expires: Sat, 05 Nov 2022 03:10:43 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
23ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wrtv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wrtv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
18 KB 259ms
258ms XHR
text/plain 142.250.102.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3010810008861259&correlator=843749158711760&output=ldjh&impl=fifs&eid=31063406&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211105&iu_parts=6088%2Cssp.wrtv%2Cinview-bottom%2Chome%2Clanding&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2C%2F0%2F1%2F3%2F4&prev_iu_szs=728x90%2C994x30%7C10x1%2C300x600%7C300x250&prev_scp=categories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C6%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D30-39%26weather%3Dclear%26m_gv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D30-39%26weather%3Dclear%7Ccategories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D30-39%26weather%3Dclear%26m_gv%3D40%2C30%2C20%2C10%26m_mv%3D50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D470f7fb4e1abc7c%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.00%26hb_adid%3D470f7fb4e1abc7c%26hb_bidder%3Dappnexus&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%252Cgv_arms%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1636081843&dt=1636081843835&dlt=1636081842433&idt=911&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933%2C-12245933%2C1050&adys=-12245933%2C-12245933%2C1887&adks=2443142646%2C1059146773%2C3666386226&ucis=2%7C3%7C4&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wrtv.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C1500x0%7C300x30&msz=1600x-1%7C994x0%7C300x30&ga_vid=601809553.1636081843&ga_sid=1636081844&ga_hid=878812101&ga_fc=true&fws=644%2C132%2C4&ohw=1600%2C1600%2C1500&btvi=-1%7C-1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.102.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f156.1e100.net

Software

cafe /

Resource Hash

69e58276a19e2d43470338491e1e7763a6b4a86ad7903eadb60118b6e86a3f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18590
x-xss-protection: 0
google-lineitem-id: -1,-2,5823586228
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,138370164817
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wrtv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 67ms
23ms Script
text/javascript 2a00:1450:4025:402::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 05 Nov 2021 03:10:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0338 12 KB
5 KB 45ms
21ms Document
text/html 2a00:1450:4025:402::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 04 Nov 2021 15:53:25 GMT
expires: Fri, 04 Nov 2022 15:53:25 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 40639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CFCE 783 B
1 KB 80ms
56ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5bfeaba7747db79e42e95f4a2d6ec1fe8f7469853e3f02ccec7da2411dc3cafc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JZBGnBkNe1OyLXgBaml7cA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 05 Nov 2021 03:10:44 GMT
date: Fri, 05 Nov 2021 03:10:44 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-JZBGnBkNe1OyLXgBaml7cA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9BE7 6 KB
3 KB 36ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 05 Nov 2021 03:10:43 GMT
expires: Sat, 05 Nov 2022 03:10:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 340ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=ssp.wrtv&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1636081842968&de=741499513057&rx=999788427589&m=0&ar=553ffc12ef5-clean&iw=aa17278&q=1&cb=0&cu=1636081842968&ll=2&lm=0&ln=0&em=0&en=0&d=16839141%3A237842901%3A5250393788%3A138298488418&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wrtv.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=crackedscrippsdfpprebidheader262014341684&fd=1&ac=1&it=500&zMoatpage=-&zMoatpos=above%2C6&zMoatpt=landing%2Cfalse&pe=1%3A908%3A908%3A1854%3A780&fs=195402&na=2122028795&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 05 Nov 2021 03:10:44 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/ewscrippsdfp76939516016/ Frame B050 307 KB
104 KB 329ms
24ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 586648b9de49457eab52c5a10a04d5c2c08732570b2839e7b9971b89b3656efc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:44 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:31:33 GMT
server: AmazonS3
x-amz-request-id: HBSRKACNB226AK30
etag: "520ba4c1d6e406200959c6dc671ba273"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31768
accept-ranges: bytes
content-length: 106376
x-amz-id-2: FLvWi1TeqlktjZ83Wxsr1a+yp0JZfXNlpJV4VEGeAEPXIKq59hp1m22m4Pdw9nodCrO++uiHfV0=

GET
H3 200 12302297551051790059
tpc.googlesyndication.com/simgad/ Frame B050 37 KB
37 KB 22ms
21ms Image
image/jpeg 2a00:1450:4025:402::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12302297551051790059

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e634cdff978668d798a6f1e133be37e7c164d62f3a5ad4cf00617de6199d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:05:40 GMT
x-content-type-options: nosniff
age: 14704
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37974
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 18:13:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 23:05:40 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame B050 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4025:402::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 21:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Nov 2021 21:17:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B050 120 KB
37 KB 328ms
23ms Script
text/javascript 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 03:10:44 GMT

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 7ms
7ms XHR
application/json 18.159.21.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.21.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-21-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 03:10:44 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

GET
H3 200 container.html Show response
d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CFA1 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 05 Nov 2021 03:10:43 GMT
expires: Sat, 05 Nov 2022 03:10:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 7ms
7ms XHR
application/json 18.159.21.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.21.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-21-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://www.wrtv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 03:10:44 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B2C8 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.wrtv.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.wrtv.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Fri, 05 Nov 2021 03:10:44 GMT

GET
H3 200 cr6w3YeOZbdvzGsTB8jc1jWyQH2Tx0ZUK6FFw6rgKog.js Show response
pagead2.googlesyndication.com/bg/ Frame 0338 35 KB
13 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cr6w3YeOZbdvzGsTB8jc1jWyQH2Tx0ZUK6FFw6rgKog.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72beb0dd878e65b76fcc6b1307c8dcd635b2407d93c746542ba145c3aae02a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 01:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 01:49:17 GMT

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 306ms
7ms Preflight 18.159.21.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.21.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-21-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.wrtv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 05 Nov 2021 03:10:44 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 275ms
8ms Preflight 18.159.21.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.21.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-21-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.wrtv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 05 Nov 2021 03:10:44 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FEAA 624 B
733 B 61ms
24ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNUOze7w6a0m8IrDCE3EdK2TIvyt7tYqMqAevY7sEtB8hHkSSuGXUFJlEh4A4jcpowrwbNsX2V3V1LMpCPXmX2pulXGtJYVVTGtDvCvvIKt2H6Ztcm3DNL56LH-h0W3AkeaR3iYsHBbgtLpJdyHf1C_QjX41F0IVm86rA23pwfeYCCIYrJU

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 05 Nov 2021 03:10:44 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9BE7 75 KB
30 KB 91ms
55ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2GxXs9dcMYBKMX-v6vcDpbjDu64GEIOTuOyo585gJK06yH4WnTE9bmfmcLjmL0UI84FQT17_3lrqFPErFzf7UvzY5as_ZqM30y2UmeVv5mMtbxHvOQBQRVDPKGMkPEckR7LHeMRcsPQW6gyqO_6jbSfaCdw&dbm_d=AKAmf-AEygzIm5sLIhd9ske5YH79gUbdX6c9HMx9kOXht883WRsbIBKtqMmgsubdB2vOjDoZlf7H7q4fGZshKX7DtFMe5CQZVECi1UiO8kHPH_jYWDWrumciKRI_BRszV0GTZYMNScFyGR9yml3UqShsgPXGavSEs3sNtwt5Bs5lIw8gRO5sCkfGsACD8EomI4IKctMUuCMhVEFW-hTnXQjAuY5gveyCtY4YcQFKqdJ6rPr4NYoR9xiNQri3nPkWQwmWhoI0nA2_7EUQBKODDlWrPMHUpbI9CIQMFr63Zv6PBwEBay-ZT2MwP09G5OnFrGli5qDJNDOXwb1RS8-qSD_2R_3LV72PkgQXRfufVA_MYdNTWefPk8GLfWRN8LygkoDzdYHz5Ff9po4g4UoVIuhtV73YllcX8djmj1kugCLzOuhBOLThEtPqSkZLxTQ8WJm-XRzy4zu40sfhYH17l-4ILKNv3NFAHO8YkR-5b55AuRu9xKNevVeatFpnfg33o40fZGbIiAGSyem5kEgKQd837hjNM1AZ00tMIef-YSth3EmjgX1e38KwcSSV4WIpQpVv826ftflNfRuqLBep-1LJyBhdrWInCK-dz7ppFHGn6uoO2bpjDNgJlL-7LKAPHPg4JZMl_0oveqGT9cD81hMEx2Dp3S5Q6AzBkQ_OSCPcP0A6WBF_JIsAmZ4005r696xkT_mLRGIrjG6Cf9bMNMv7mdmtuO8QleIkkzldU-G6lqE6T-8TxEvFst26AhwhcWSlxPfpFt8Rd9mu59inDzrpQLKfdbKlx-6FkekTFaK65mbkaLP8sSned1_G2rr6IzZuUnwWnxkCs4OgC4MDqEtdO3Su1_ZoZ-47t_-flfC8sbSaJ3dQL1e6gE1cjB0e5TPuf8_o7mPG-RtDIqPxEvv-PLHP0SyJthFf3hwCp2GR0fTL6XvmwAX1RyWvFxCHF8723tZRKp_zB0Ae6cm1lFRymmk4_ICcy6Vfod9tYcUKhESRQNTvaNNVEMYO7VgPz_rjmRLBy4kIbP6TbKfu15H69v5-t7gmhXgN2SmADCMeCcYt16XINyjhNlTnc97N0CS4PLw1RVkb2GSA02wAcCoaT7OI6wKcOTrUTbnwiVum9StwvcPuCZFU2i-pWUpzOYaGtyre7zfBARhDQmED6GzJpuw6_2oHN4t7mzy8WM0hJrLqpJLgz7bo56DercGl8MO3_HnWQSwx735Gb_k7JQrcSGotq9tNx5QOWPeEfWYYhU31rD8Yg0n-T6dOcMlFxEpONaVLld71YVsxn88j1QSraavpT1B3EYTE-03R4R--Nq6MnINvFzoenoEBf_3HrXsmdE71UHWVMubYQOABJ5VjFX4ZPN1geELVnwma6umQ58_6lmoEWOuv0Fg1eTHYRLB_yrzS33dboDt_KXPWHmy-D-hnaoMfjjIUzonMQyEwQ4stlo5NDzAQ1UoheWQZ_lnUApYWQkVM3GYgyOJsVMXXKdY3NAyxQpb2o_pEU6BDa_QViPU75nfFC8UZ3h5azCwUjtMH_1dKj8fwHI1QE5dj6vI-UdY_Ez9MUiMmxODQbVfQGt161PexaQFp8HmdDAPFrKuKTCb-qElBf1GXS0Klzf8WTs6Q9aTG1oDHOHu9KYQ2biz463twf2tsAIDI_FPC1gyFTVBVEQkaHJftKTUNmgAX4d5Ah_GGrdmyHTq0uE0NEBmjP6aG3y6jNjOm5o-nO0oraXcz34iuODddIJTPOReyfi17u0JG5kWKSbPSUxGRlaS8guZ2Q1FXIVYH6VX8l8yd-aCOwZDP33aL4AYpIY66QLnul4pZ_HPc21EyxMB5G3V7qojnTfzEE3JSLIb3pqXiYLO0Hx7iBvcHKSn_z52YZWvorkIQCxK12ezGprwmV-lD3C6oH2lAx6YnegBL4BoskXyniIuUARQMzm8dY5dpEnZ5Ka0eLLgO8RLaKberNM2yr1L5oyXBkEjNhtHNDAmVpxlLoli5NDKRCkKyD7558LTMVQD8uh-5DNNhe6rGUi2PBGbyWN3Gj7q4SaLxSQda6Rcmx-rcWdiF-frMGlv-meHthvvY6qkdwIJUNeJvyrpoQE2tzB_pxa9oK0YAP9F_PKtdqIw5yxGsHe37WjaSKctm5QIxJ0iLjSEA_76UDoHtSG10pvsVkys-TKICYKXFJnAvx-Itel4GRqSL5tBcmusSKGmzFikceZ06T_MREr2Eq0fu0XbktoszHChG36zntqSHAqZohhtnfWqDBaOVuKSFDRe7cf0cbpy1IWY1c1yOuD_kLpN6m9hXxuvuN4vM2VG_QTSVOZgFkBY_q48CYy0RWvd8QdQejTh6EnnjGjTJpCMNZzy4GWlxR18qdnRgYMtApzo70b-IiRNonGTAgLb70NskCDG_RkAvcAfHq6C2UgeBpbttUbIgKeX7MMRvB515l-UsF8PIGa9LfeIoLR0m3snrTwiyfBHMHx_nf39K8B6Ls6aisPgdGuwc2Ie_tEUSw4Ci8dLYIphLmMfwPytdU_sshlpGlFxNA36Amyx8DykkGXgHGTpj7JFtSokLnR7fuzZOU62xaAdnHb1H0RxElTxY4U48YkyX51N5-zbhDr9SnMhL0R3N01BOtpj3ahmcBrazhh_ymuewHR-xKaLK7sVosD-MYiQOMmeESlZ2-hEvDEf1kiUbAK8CSGzX3K5TzhwVwp0fi_AMh8rt2GWql6DSJItX5lSbftYN-vvM1xsSgRP9GYpeqkXwLAAJKJKyT-Y06KzgWyzWfheiphbL6eNQaUlU4bmToO55VIpgucHcGP9g5s2MpwUek7BlRas6m0ExvlDtamYv61J5qSOyCkXTAIPZ89hEbBIzVQ0vIjwenm6l0WAtixGSEPKZdAY9jSl58jsvrlFOhUEKAFAjRHYCqLIDJxckDcv_aNNEAQeYFx_sBqjitqxnx0eLUkZmB3Oq5WHAJqoJasnPKX4XA2tkYgaPSvmm3sqMUWeqM6bXVY1XrAlCY-b1MhJr7n5W&cid=CAASEuRonuZcwrVFMajmaDpvjO7yuw&rfl=1%2Chttps%253A%252F%252Fwww.wrtv.com%252F%240

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b892a4f1538b1d989eeb5cf2e84c9dbbf191c6b2e2fa0db012c68c6b52f7166b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BE7 42 B
63 B 50ms
49ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ABIcxL3mRN3kOtR3__aM3iaJVf4sUAufulAqLrgekeAmj4msc-NqNyHny53Mk3KFGn8-GOyTwlBdMyTVK0yP0958EgBVldRBCWV03-EtOIaVI1wKw

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 9BE7 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4025:402::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 21:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Nov 2021 21:17:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BE7 120 KB
37 KB 49ms
28ms Script
text/javascript 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 03:10:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 9BE7 15 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4025:402::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 00:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 00:08:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9BE7 0
0 33ms
15ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUzqigFPbpsRX4pU6-vz0udeCWKVHq9tEMlL3QBcxtfKk2lFB0qJct1YfJux1E1JHNvvKokPyssu_pdUiZ07CZK9UqEw
Requested by: Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CFCE 0
0 26ms
26ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110201&jk=3010810008861259&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 26ms
25ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=ssp.wrtv&zMoatAdUnit2=home&zMoatAdUnit3=landing&wf=1&ra=3&pxm=3&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1636081842968&de=314310033065&rx=999788427589&m=0&ar=553ffc12ef5-clean&iw=aa17278&q=2&cb=0&cu=1636081842968&ll=2&lm=0&ln=0&em=0&en=0&d=16839141%3A237842901%3A2053316181%3A115768603221&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wrtv.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=crackedscrippsdfpprebidheader262014341684&fd=1&ac=1&it=500&zMoatpage=-&zMoatpos=above%2C7&zMoatpt=landing%2Cfalse&pe=1%3A908%3A908%3A1854%3A780&fs=195402&na=130482363&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 05 Nov 2021 03:10:44 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5111 640 B
363 B 42ms
42ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhi-vu5tMAE&v=APEucNWaKW44ceqmA1t8lb7GgI8Y-l7K_pTFn4eeORxN0wRrcN2tMNMQprDUZ73f7T4XfAU7IdxXKBpFx_06mqcfzGj6rjv77_lYKrH8Oi7_JzxjwIAIi4ZU6MiTLc8p3ZFUZlGJ26OkH92wQarfBZdoDKx-Z7HIo6YxxnQ_J3bWTqC2b9aNNGM

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 05 Nov 2021 03:10:44 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CFA1 26 KB
14 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMVGMJ9J5WFIDiayOspzBGUmaLC-wtQVeFB2szhisLxc3Tz-1Tv9sGQNtVyzutIAqLHeL5iSK3EKauUdI1JgNuObNcPHFueDS5c3lWNkNLyjmZYfcsnztVGgseZJ3sALDVnvL97tLNwC2UIWbxvh3Z-VUgkg&cry=1&dbm_d=AKAmf-ANOH-eyODa8fJcoY4t6NChw1CCv8XsKsBdpyEngBYtJl_0X1cdqMWVHST-ogsypkmgQLzov8PeTlU7DblvZAgh5xxA6yZtZ5YFS58KFiDcdkU-6mAaUkRM18Fw1DOOY3skwq1TgEzBbtoA3db60fb1LroWnPrlL1NeNAHWvC4uJ2g7thDPOavvd2QBXYunUS7zJjpVa2E_QYUu41fLVkieJcWWVCeyYqDXPMldFacFbK3rA1tWUJAtisDzUowhfoLovbpPmG82IFLdPa0vxDDQXIzbeeQnuUlIF9Z8NfVns6uEKOK2k32RFzIvxUetSRVAQxRd4zoCnWnwlbYknf9J3M-WUxRqTvk7w_acehiMXWByudHIpcdrNJOM84VHoaj1XSmAYT99ZcgdCXe2IC4IQS20We-L_ZGA1ZV0wIumF_yvAe5SnxTREHUg_UE9aSlugVnMJ2fo0D9fUXTcWTm9bPrQ9uF0ZKCLcDuKU4RpRV2MktoUBrVuVsD7lUhcofzY-ep87wO02bx0aOQv0DN6K03zPMbNTEZ3V1JewE4IHHASvncq4f30IbT4ytj5aIx_zLWLp0w4lwu3hfK1BEA7t9ZhMx6A2mj0H35KxWN2PeJKv-pCz6utyQtkrnuGy3tVjnKjfKbm5Vzpkt0NlwOIwJifeuc1ykvZzLDcBmmVVH-IBJ8cbwUx86KxenFnG90JIizMTp92Uii0qIJnHjnMxAK7zemeh8dsN-RAQdNmixcrjXGHQYpgOmQe_pcU6MCEbnGKbg6HLHjgl5AO-6gaOVXcRWwDHelvZXusKNojFVPHnLCUz6wDV7hWNv1NP38BC7rkYZt-ph8WkIQAvfGfSZu2FBw5nXjAIyh56EknQUQO0_7euUdbypC-ypsieyqNcD8xCKuLcnuCUu2FWemUUBRRyPYbOFtNnxkQDujvT4VEICpvcVUoURQ4MbDVd2xdozAO6i8psRZnj6l7vzGC7JI1sF8cB_PuMuJbADTsUaSdabE__sph5WtFL8W7S8ix4nFVpqkqAF8td71csmRD1mt3_-ZIRTfe2yVk1B52maDg17s1u9sL9He2E37a3b3t5at8lPiHP7wD6qIdqqEOFpqCFyBc8cxeU8U4_FEV_02KHIVbiFBFsv9YIWV2ZbHAGGx-fcWjBDV-ki9uGzCyDE7cQ5OlBXVDJBijwTdrRaOX9K2uGLUVc5PCJHoRh2ar1QPT_xFwFSPHwfL58j9BpmroXt62SoX1XiaXFK9hPuZ-deCm3up_e9svxVhcViU6OPZZm1vpdfOLTNESu09F7doKMQwrjR6fIsKpdee4BJ3KRimDayByo7yKWEoBeAImuPa-f-MC3WQaArTQp4dRo1sGpSnyhwqn2idkpPJ6cmUVEWu3Lbp1byvp8tW2DBQ9ecJCeUsB7Y_HC3cdbdsPqcpfS1C5wabtmGfrzSTFheVkR5onvfdJHvFrI8c9klP24Gp5nHdiOIPPlAeTbbCnJMxRolvtvck1bJnwyLC6t_m9s7iVpmRU4G4FuQmCb2ohLgz1hs0cyQoowEePmtR98SOzuGf6MpSJtEBohY5JxwI3vu3o-5vRN6blfCB9FGI8dW1cvNujKJDKaNFLN8QpTE5aYWQNshE6U5Luo-TjWbOp0W4f1gMtzlA5ttKIwbdK674us4ztYrUy8Gc3kBmMZZVRa3GTREvf4sjCsbmeH8_Q8mLy3bqqLLElstPun4laS7HKzLmdw1-aSyxLswA-huu93UgJYwAL5TddjjEO4coVN9jGpdQz_xHWl4d_sFr8K2F8ZtJR_SqbT6lHl8jzCwol9URlgOFhQswt-5MvOeG95ICsPZpN2HWyZRyDVmgx6d_p2ijYGddFhHzcgWlq0INFA2_wzeHEpbK9jn1ED2qysUg9eKEs28SNoH3TZD3DhXJkameqlGWcf2rGEr3JMcsTBU0_MMe8iN_bU833XRp5yNxR-vaw60gCC18bCbJCrbljHpWbxVKNca7G7w5lvQJkG1QaURrsSkEOejDem8hAyYbuQIrQd0UsM_TOhUTki_i5YNKrEbId4tIznvHd_dYAw8RfrH59qTBchslW9PAnWekxrKa_aondGE3J_3J15FBxHFF6DYlCpS4Q5l3tOSGdsW-jAk5fG5xPoCWNXAGgfNHv_cLflvKo0L4E41NBRaNmPzT0D-BHSxIv3cnOxYf6Av6LFqLQ3JmFGndN1ARleQ4CWmoe4haxgw3dFMFLXDx6FsJqman8EwRgAt9nzm8wDW47BhDP0oT_OO2OwYMJazvypm6xB3_cslu1mo04Xgpj2qSotgKR7araXpegkBN6zwdiDqixgh_Pplq-1o5lcOrMXwzwRNKalh6PMyeC66k2z9I18XKYWCbI2pxf7QafaMfJ2N9FLuc7blqUfXYtQ5NgsxuHCVvc_ydyVhmiIqFpJpQ3cv5cGn_YDKydRAEIMe44h-M56lb7vUWmDmv-u6Hm8bBMTE6I8i19wX9aOum43hmt5Ycy978nRKQoJpMi4Za1ZsipkZbsOFAnGPhRgc-RpwxpLcRA3cPeFamSGWzWLsObyFlssLYuHSS_xl6Z8DX_um2pzKR169UBAVxxShc6Uae_4AEChdiSPqlGBGW5L3euUC0dpVS2gQug5BXOqPzNM_Xzx-vza0b8ZrUKiUfmg3KIDfPa0c6PuEL5beN2Fc2PxaTxkNWx6n9dpHwvhp1luwYo7RN_8ittXFEsfY4Bfq7fAlgoThbNXDaA7IF4URnCvtqIn7CK67fNRHj7j6UqOE3Brki_SfWkNT4bCFvJctumtvOFnvenoJ9GOPUbpeRwok7rUoIVbvPFYrtxB9VRt_xoglZs1XsxIbjWqhuijk9B7GGx35ngkl97rDfb-_n9i8d5BNOKMlFC3u8CNKxb1A8ocIxlSw9NE-DcOLyBKMX9wOpYU_c9OiOVpHnXTrYJTXrRDtxc4aHH0wb-Jezkkh997pLhOceY2PE-8XcABB673EAlS795K-t12adrGd24dCt4-OIMmWQYSmn6imnlSJNXrDf2xncxJGoVosERbVFagz-SzdlAxPJqgCzve7NDo1fmTCXUz-6plJDBV5BS4ED1eJrfCPLfjFq3Mj1c4uRrP_hzJkJXItNvq_thyslI3j93zx5oj0FdesC6oW615BYuIMdrBPtjSPCgsKfgAHOQJsbsGaNwspIWmQOT&cid=CAASEuRoT4pQfkBt6hPxTYy-7NNNBg&rfl=1%2Chttps%253A%252F%252Fwww.wrtv.com%252F%240

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b548bcd9e8592280fce318fbeb64b894589fe2892ca331cf449c80201cd294e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13880
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CFA1 42 B
63 B 47ms
46ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANg-2oTllWFlOy4aazM8EPPrKk1Rw-0sc9EM226ZF_OTaLHyH0OMbkcWG9yYADx00gb_tz9rhzxHa4qZDH9okAKv73NmJy4HfX5GN0BwMStA0hJvk

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame CFA1 9 KB
4 KB 21ms
20ms Script
text/javascript 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 05 Nov 2021 04:08:34 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/415630/45225567/ Frame CFA1 46 KB
13 KB 129ms
56ms Script
application/javascript 52.51.10.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/415630/45225567/skeleton.js
Requested by: Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.10.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-10-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7971efe98b5f22df3b7e8ebaea3567d01626d0ea323e6c75f61db9ee92f767d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
content-encoding: gzip
x-server-name: app08.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame CFA1 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4025:402::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 21:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Nov 2021 21:17:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CFA1 120 KB
37 KB 29ms
29ms Script
text/javascript 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 03:10:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame CFA1 15 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4025:402::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 00:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 00:08:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B050 0
0 22ms
21ms Fetch
image/gif 142.250.102.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcjdPWlHgQtXOAxIvcMbH4Yw1y2fouwDsQ11-mTZ6LKv2uS3FOUuZtKRFWJSE7X_xWqJf_GyrDqHTD4QI6Lip9pI-HCpFBoKf6uDHoPgvxgy_9graLUc_TVYn7nd4WW8b89y1LsA2tUXwU47tZ9nB1l56B_XDJIFcjW0_FmagU62p6HEnmmIpylLnwsQ5aZ4UZQd2Z2Vs3FsWmDuNuqSGGnBn33Fva-mIZovAkUNOaCHtsCk02fEwFfjN8dPhlJkEfznvo1G5V-QAzh2jGhTHPcPjlB3e00iDuIO7sV-5EY5diIMFUVkG4q9A&sig=Cg0ArKJSzFcLS-egyR7iEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.102.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 03:10:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B050 0
0 20ms
20ms Fetch
image/gif 142.250.102.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsum29T5sdQSpf4mdJAkLZodjuKQndIECvfr7aW6Jcy2OPY8s2f5xVrX-3DfwvpYCRZ35b1E4Tj5R_PoUArRGCiF4hNy03sEFXPBqixZPu4-kMmOwKb5GakYoLABE-Hx2hTXTMHCzWTtelovkDeJwAG-LvXF73-XGx_gpz_u86Mo0kc16iMPVFCH1VbfAcnVqe3R9JIv-4ecJMsgCaZLG96hVQUT-gkqqFHqVF2G7eFLC0TpRIAGRlzu-4KseIXAQ0vIEBElgI_K3YZsuArauswCiHHeRYgHbul-D4GpO0cTOWLx_pPJD4HuOZbDqA&sig=Cg0ArKJSzKqRKzXXo3e6EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.102.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 03:10:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 05 Nov 2021 03:10:44 GMT

GET
DATA 200
OK truncated
/ Frame B050 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f0fcacd3f37427f065e042a6aa8ad2505cbdf295387a1371f1c8023f78d22ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FEAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2vy7qyhruMPVwNumjvrSs&google_cver=1

43 B
1014 B

60ms
41ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2vy7qyhruMPVwNumjvrSs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNUOze7w6a0m8IrDCE3EdK2TIvyt7tYqMqAevY7sEtB8hHkSSuGXUFJlEh4A4jcpowrwbNsX2V3V1LMpCPXmX2pulXGtJYVVTGtDvCvvIKt2H6Ztcm3DNL56LH-h0W3AkeaR3iYsHBbgtLpJdyHf1C_QjX41F0IVm86rA23pwfeYCCIYrJU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 05 Nov 2021 03:10:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2vy7qyhruMPVwNumjvrSs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FEAA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYSgtDPFl2dHHW91wo.sdAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2vy7qyhruMPVwNumjvrSs&google_cver=1&google_hm=2

43 B
894 B

31ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2vy7qyhruMPVwNumjvrSs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNUOze7w6a0m8IrDCE3EdK2TIvyt7tYqMqAevY7sEtB8hHkSSuGXUFJlEh4A4jcpowrwbNsX2V3V1LMpCPXmX2pulXGtJYVVTGtDvCvvIKt2H6Ztcm3DNL56LH-h0W3AkeaR3iYsHBbgtLpJdyHf1C_QjX41F0IVm86rA23pwfeYCCIYrJU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 05 Nov 2021 03:10:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2vy7qyhruMPVwNumjvrSs&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame FEAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJo0ZXQwWL9Nt8s_prgRiJE&google_cver=1

43 B
1002 B

13ms
13ms

Image
image/gif

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJo0ZXQwWL9Nt8s_prgRiJE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNUOze7w6a0m8IrDCE3EdK2TIvyt7tYqMqAevY7sEtB8hHkSSuGXUFJlEh4A4jcpowrwbNsX2V3V1LMpCPXmX2pulXGtJYVVTGtDvCvvIKt2H6Ztcm3DNL56LH-h0W3AkeaR3iYsHBbgtLpJdyHf1C_QjX41F0IVm86rA23pwfeYCCIYrJU

Protocol

HTTP/1.1

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:44 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b6679aca-593c-4714-9a5a-3f1b8cf54fa9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJo0ZXQwWL9Nt8s_prgRiJE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FEAA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM4NzE1MDk1MTQ5NzU5NTYxOA%3D%3D

170 B
243 B

92ms
15ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM4NzE1MDk1MTQ5NzU5NTYxOA%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:44 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3c9315c2-b56e-4a01-9984-4b65df143023
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM4NzE1MDk1MTQ5NzU5NTYxOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 9BE7 106 KB
38 KB 124ms
16ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
Origin: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Nov 2021 08:37:30 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 9BE7 8 KB
3 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2GxXs9dcMYBKMX-v6vcDpbjDu64GEIOTuOyo585gJK06yH4WnTE9bmfmcLjmL0UI84FQT17_3lrqFPErFzf7UvzY5as_ZqM30y2UmeVv5mMtbxHvOQBQRVDPKGMkPEckR7LHeMRcsPQW6gyqO_6jbSfaCdw&dbm_d=AKAmf-AEygzIm5sLIhd9ske5YH79gUbdX6c9HMx9kOXht883WRsbIBKtqMmgsubdB2vOjDoZlf7H7q4fGZshKX7DtFMe5CQZVECi1UiO8kHPH_jYWDWrumciKRI_BRszV0GTZYMNScFyGR9yml3UqShsgPXGavSEs3sNtwt5Bs5lIw8gRO5sCkfGsACD8EomI4IKctMUuCMhVEFW-hTnXQjAuY5gveyCtY4YcQFKqdJ6rPr4NYoR9xiNQri3nPkWQwmWhoI0nA2_7EUQBKODDlWrPMHUpbI9CIQMFr63Zv6PBwEBay-ZT2MwP09G5OnFrGli5qDJNDOXwb1RS8-qSD_2R_3LV72PkgQXRfufVA_MYdNTWefPk8GLfWRN8LygkoDzdYHz5Ff9po4g4UoVIuhtV73YllcX8djmj1kugCLzOuhBOLThEtPqSkZLxTQ8WJm-XRzy4zu40sfhYH17l-4ILKNv3NFAHO8YkR-5b55AuRu9xKNevVeatFpnfg33o40fZGbIiAGSyem5kEgKQd837hjNM1AZ00tMIef-YSth3EmjgX1e38KwcSSV4WIpQpVv826ftflNfRuqLBep-1LJyBhdrWInCK-dz7ppFHGn6uoO2bpjDNgJlL-7LKAPHPg4JZMl_0oveqGT9cD81hMEx2Dp3S5Q6AzBkQ_OSCPcP0A6WBF_JIsAmZ4005r696xkT_mLRGIrjG6Cf9bMNMv7mdmtuO8QleIkkzldU-G6lqE6T-8TxEvFst26AhwhcWSlxPfpFt8Rd9mu59inDzrpQLKfdbKlx-6FkekTFaK65mbkaLP8sSned1_G2rr6IzZuUnwWnxkCs4OgC4MDqEtdO3Su1_ZoZ-47t_-flfC8sbSaJ3dQL1e6gE1cjB0e5TPuf8_o7mPG-RtDIqPxEvv-PLHP0SyJthFf3hwCp2GR0fTL6XvmwAX1RyWvFxCHF8723tZRKp_zB0Ae6cm1lFRymmk4_ICcy6Vfod9tYcUKhESRQNTvaNNVEMYO7VgPz_rjmRLBy4kIbP6TbKfu15H69v5-t7gmhXgN2SmADCMeCcYt16XINyjhNlTnc97N0CS4PLw1RVkb2GSA02wAcCoaT7OI6wKcOTrUTbnwiVum9StwvcPuCZFU2i-pWUpzOYaGtyre7zfBARhDQmED6GzJpuw6_2oHN4t7mzy8WM0hJrLqpJLgz7bo56DercGl8MO3_HnWQSwx735Gb_k7JQrcSGotq9tNx5QOWPeEfWYYhU31rD8Yg0n-T6dOcMlFxEpONaVLld71YVsxn88j1QSraavpT1B3EYTE-03R4R--Nq6MnINvFzoenoEBf_3HrXsmdE71UHWVMubYQOABJ5VjFX4ZPN1geELVnwma6umQ58_6lmoEWOuv0Fg1eTHYRLB_yrzS33dboDt_KXPWHmy-D-hnaoMfjjIUzonMQyEwQ4stlo5NDzAQ1UoheWQZ_lnUApYWQkVM3GYgyOJsVMXXKdY3NAyxQpb2o_pEU6BDa_QViPU75nfFC8UZ3h5azCwUjtMH_1dKj8fwHI1QE5dj6vI-UdY_Ez9MUiMmxODQbVfQGt161PexaQFp8HmdDAPFrKuKTCb-qElBf1GXS0Klzf8WTs6Q9aTG1oDHOHu9KYQ2biz463twf2tsAIDI_FPC1gyFTVBVEQkaHJftKTUNmgAX4d5Ah_GGrdmyHTq0uE0NEBmjP6aG3y6jNjOm5o-nO0oraXcz34iuODddIJTPOReyfi17u0JG5kWKSbPSUxGRlaS8guZ2Q1FXIVYH6VX8l8yd-aCOwZDP33aL4AYpIY66QLnul4pZ_HPc21EyxMB5G3V7qojnTfzEE3JSLIb3pqXiYLO0Hx7iBvcHKSn_z52YZWvorkIQCxK12ezGprwmV-lD3C6oH2lAx6YnegBL4BoskXyniIuUARQMzm8dY5dpEnZ5Ka0eLLgO8RLaKberNM2yr1L5oyXBkEjNhtHNDAmVpxlLoli5NDKRCkKyD7558LTMVQD8uh-5DNNhe6rGUi2PBGbyWN3Gj7q4SaLxSQda6Rcmx-rcWdiF-frMGlv-meHthvvY6qkdwIJUNeJvyrpoQE2tzB_pxa9oK0YAP9F_PKtdqIw5yxGsHe37WjaSKctm5QIxJ0iLjSEA_76UDoHtSG10pvsVkys-TKICYKXFJnAvx-Itel4GRqSL5tBcmusSKGmzFikceZ06T_MREr2Eq0fu0XbktoszHChG36zntqSHAqZohhtnfWqDBaOVuKSFDRe7cf0cbpy1IWY1c1yOuD_kLpN6m9hXxuvuN4vM2VG_QTSVOZgFkBY_q48CYy0RWvd8QdQejTh6EnnjGjTJpCMNZzy4GWlxR18qdnRgYMtApzo70b-IiRNonGTAgLb70NskCDG_RkAvcAfHq6C2UgeBpbttUbIgKeX7MMRvB515l-UsF8PIGa9LfeIoLR0m3snrTwiyfBHMHx_nf39K8B6Ls6aisPgdGuwc2Ie_tEUSw4Ci8dLYIphLmMfwPytdU_sshlpGlFxNA36Amyx8DykkGXgHGTpj7JFtSokLnR7fuzZOU62xaAdnHb1H0RxElTxY4U48YkyX51N5-zbhDr9SnMhL0R3N01BOtpj3ahmcBrazhh_ymuewHR-xKaLK7sVosD-MYiQOMmeESlZ2-hEvDEf1kiUbAK8CSGzX3K5TzhwVwp0fi_AMh8rt2GWql6DSJItX5lSbftYN-vvM1xsSgRP9GYpeqkXwLAAJKJKyT-Y06KzgWyzWfheiphbL6eNQaUlU4bmToO55VIpgucHcGP9g5s2MpwUek7BlRas6m0ExvlDtamYv61J5qSOyCkXTAIPZ89hEbBIzVQ0vIjwenm6l0WAtixGSEPKZdAY9jSl58jsvrlFOhUEKAFAjRHYCqLIDJxckDcv_aNNEAQeYFx_sBqjitqxnx0eLUkZmB3Oq5WHAJqoJasnPKX4XA2tkYgaPSvmm3sqMUWeqM6bXVY1XrAlCY-b1MhJr7n5W&cid=CAASEuRonuZcwrVFMajmaDpvjO7yuw&rfl=1%2Chttps%253A%252F%252Fwww.wrtv.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 02:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 02:36:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 9BE7 24 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 03:07:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame CFA1 24 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMVGMJ9J5WFIDiayOspzBGUmaLC-wtQVeFB2szhisLxc3Tz-1Tv9sGQNtVyzutIAqLHeL5iSK3EKauUdI1JgNuObNcPHFueDS5c3lWNkNLyjmZYfcsnztVGgseZJ3sALDVnvL97tLNwC2UIWbxvh3Z-VUgkg&cry=1&dbm_d=AKAmf-ANOH-eyODa8fJcoY4t6NChw1CCv8XsKsBdpyEngBYtJl_0X1cdqMWVHST-ogsypkmgQLzov8PeTlU7DblvZAgh5xxA6yZtZ5YFS58KFiDcdkU-6mAaUkRM18Fw1DOOY3skwq1TgEzBbtoA3db60fb1LroWnPrlL1NeNAHWvC4uJ2g7thDPOavvd2QBXYunUS7zJjpVa2E_QYUu41fLVkieJcWWVCeyYqDXPMldFacFbK3rA1tWUJAtisDzUowhfoLovbpPmG82IFLdPa0vxDDQXIzbeeQnuUlIF9Z8NfVns6uEKOK2k32RFzIvxUetSRVAQxRd4zoCnWnwlbYknf9J3M-WUxRqTvk7w_acehiMXWByudHIpcdrNJOM84VHoaj1XSmAYT99ZcgdCXe2IC4IQS20We-L_ZGA1ZV0wIumF_yvAe5SnxTREHUg_UE9aSlugVnMJ2fo0D9fUXTcWTm9bPrQ9uF0ZKCLcDuKU4RpRV2MktoUBrVuVsD7lUhcofzY-ep87wO02bx0aOQv0DN6K03zPMbNTEZ3V1JewE4IHHASvncq4f30IbT4ytj5aIx_zLWLp0w4lwu3hfK1BEA7t9ZhMx6A2mj0H35KxWN2PeJKv-pCz6utyQtkrnuGy3tVjnKjfKbm5Vzpkt0NlwOIwJifeuc1ykvZzLDcBmmVVH-IBJ8cbwUx86KxenFnG90JIizMTp92Uii0qIJnHjnMxAK7zemeh8dsN-RAQdNmixcrjXGHQYpgOmQe_pcU6MCEbnGKbg6HLHjgl5AO-6gaOVXcRWwDHelvZXusKNojFVPHnLCUz6wDV7hWNv1NP38BC7rkYZt-ph8WkIQAvfGfSZu2FBw5nXjAIyh56EknQUQO0_7euUdbypC-ypsieyqNcD8xCKuLcnuCUu2FWemUUBRRyPYbOFtNnxkQDujvT4VEICpvcVUoURQ4MbDVd2xdozAO6i8psRZnj6l7vzGC7JI1sF8cB_PuMuJbADTsUaSdabE__sph5WtFL8W7S8ix4nFVpqkqAF8td71csmRD1mt3_-ZIRTfe2yVk1B52maDg17s1u9sL9He2E37a3b3t5at8lPiHP7wD6qIdqqEOFpqCFyBc8cxeU8U4_FEV_02KHIVbiFBFsv9YIWV2ZbHAGGx-fcWjBDV-ki9uGzCyDE7cQ5OlBXVDJBijwTdrRaOX9K2uGLUVc5PCJHoRh2ar1QPT_xFwFSPHwfL58j9BpmroXt62SoX1XiaXFK9hPuZ-deCm3up_e9svxVhcViU6OPZZm1vpdfOLTNESu09F7doKMQwrjR6fIsKpdee4BJ3KRimDayByo7yKWEoBeAImuPa-f-MC3WQaArTQp4dRo1sGpSnyhwqn2idkpPJ6cmUVEWu3Lbp1byvp8tW2DBQ9ecJCeUsB7Y_HC3cdbdsPqcpfS1C5wabtmGfrzSTFheVkR5onvfdJHvFrI8c9klP24Gp5nHdiOIPPlAeTbbCnJMxRolvtvck1bJnwyLC6t_m9s7iVpmRU4G4FuQmCb2ohLgz1hs0cyQoowEePmtR98SOzuGf6MpSJtEBohY5JxwI3vu3o-5vRN6blfCB9FGI8dW1cvNujKJDKaNFLN8QpTE5aYWQNshE6U5Luo-TjWbOp0W4f1gMtzlA5ttKIwbdK674us4ztYrUy8Gc3kBmMZZVRa3GTREvf4sjCsbmeH8_Q8mLy3bqqLLElstPun4laS7HKzLmdw1-aSyxLswA-huu93UgJYwAL5TddjjEO4coVN9jGpdQz_xHWl4d_sFr8K2F8ZtJR_SqbT6lHl8jzCwol9URlgOFhQswt-5MvOeG95ICsPZpN2HWyZRyDVmgx6d_p2ijYGddFhHzcgWlq0INFA2_wzeHEpbK9jn1ED2qysUg9eKEs28SNoH3TZD3DhXJkameqlGWcf2rGEr3JMcsTBU0_MMe8iN_bU833XRp5yNxR-vaw60gCC18bCbJCrbljHpWbxVKNca7G7w5lvQJkG1QaURrsSkEOejDem8hAyYbuQIrQd0UsM_TOhUTki_i5YNKrEbId4tIznvHd_dYAw8RfrH59qTBchslW9PAnWekxrKa_aondGE3J_3J15FBxHFF6DYlCpS4Q5l3tOSGdsW-jAk5fG5xPoCWNXAGgfNHv_cLflvKo0L4E41NBRaNmPzT0D-BHSxIv3cnOxYf6Av6LFqLQ3JmFGndN1ARleQ4CWmoe4haxgw3dFMFLXDx6FsJqman8EwRgAt9nzm8wDW47BhDP0oT_OO2OwYMJazvypm6xB3_cslu1mo04Xgpj2qSotgKR7araXpegkBN6zwdiDqixgh_Pplq-1o5lcOrMXwzwRNKalh6PMyeC66k2z9I18XKYWCbI2pxf7QafaMfJ2N9FLuc7blqUfXYtQ5NgsxuHCVvc_ydyVhmiIqFpJpQ3cv5cGn_YDKydRAEIMe44h-M56lb7vUWmDmv-u6Hm8bBMTE6I8i19wX9aOum43hmt5Ycy978nRKQoJpMi4Za1ZsipkZbsOFAnGPhRgc-RpwxpLcRA3cPeFamSGWzWLsObyFlssLYuHSS_xl6Z8DX_um2pzKR169UBAVxxShc6Uae_4AEChdiSPqlGBGW5L3euUC0dpVS2gQug5BXOqPzNM_Xzx-vza0b8ZrUKiUfmg3KIDfPa0c6PuEL5beN2Fc2PxaTxkNWx6n9dpHwvhp1luwYo7RN_8ittXFEsfY4Bfq7fAlgoThbNXDaA7IF4URnCvtqIn7CK67fNRHj7j6UqOE3Brki_SfWkNT4bCFvJctumtvOFnvenoJ9GOPUbpeRwok7rUoIVbvPFYrtxB9VRt_xoglZs1XsxIbjWqhuijk9B7GGx35ngkl97rDfb-_n9i8d5BNOKMlFC3u8CNKxb1A8ocIxlSw9NE-DcOLyBKMX9wOpYU_c9OiOVpHnXTrYJTXrRDtxc4aHH0wb-Jezkkh997pLhOceY2PE-8XcABB673EAlS795K-t12adrGd24dCt4-OIMmWQYSmn6imnlSJNXrDf2xncxJGoVosERbVFagz-SzdlAxPJqgCzve7NDo1fmTCXUz-6plJDBV5BS4ED1eJrfCPLfjFq3Mj1c4uRrP_hzJkJXItNvq_thyslI3j93zx5oj0FdesC6oW615BYuIMdrBPtjSPCgsKfgAHOQJsbsGaNwspIWmQOT&cid=CAASEuRoT4pQfkBt6hPxTYy-7NNNBg&rfl=1%2Chttps%253A%252F%252Fwww.wrtv.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 03:07:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CFA1 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4025:402::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 08:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 04 Nov 2022 08:31:46 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=ssp.wrtv&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fd5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-au92djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-WC5uNxErYklCYg%3D%3D&sc=1&os=1-Lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wrtv.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=999788427589&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C6&zMoatpt=landing%2Cfalse&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wrtv.com%2F&id=1&ii=4&f=0&j=&t=1636081842968&de=741499513057&cu=1636081842968&m=1674&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=8089&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A908%3A908%3A1854%3A780&as=0&ag=7&an=0&gf=7&gg=0&ix=7&ic=7&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=7&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=13&cd=0&ah=13&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=1613387880&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 05 Nov 2021 03:10:44 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=ssp.wrtv&zMoatAdUnit2=home&zMoatAdUnit3=landing&wf=1&ra=3&pxm=3&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fd5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-au92djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-WC5uNxErYklCYg%3D%3D&sc=1&os=1-Lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wrtv.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=999788427589&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C7&zMoatpt=landing%2Cfalse&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1541.1875&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wrtv.com%2F&id=1&ii=4&f=0&j=&t=1636081842968&de=314310033065&cu=1636081842968&m=1711&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1541.1875&lb=8089&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A908%3A908%3A1854%3A780&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=40&cd=0&ah=40&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A2053316181%3A115768603221&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=195402&na=1217551272&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 05 Nov 2021 03:10:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 51ms
50ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110201&jk=3010810008861259&bg=!xsWlxYHNAAYH3anuB907ACkAdvg8Wj3s1x07U_44mMU53S_-C8umdifmx4wgVzi-iaQrRJSaqz3xVwIAAADwUgAAAAxoAQcKAEoOUjRJFqR-Da3dtz2tf89NSxzUZlNGx9b3yEvAIr_vb6MVyxCcOMBSZew_38GI4TKNTpMvQfFdZooGTmf4_nRmbNgbN5cHyb0A8pkCt3q5FgdwXPis2_clCoIWZLzb8EGzF0h9i6V1vi9c6SgVXjLtOZVfeADlx0PBtF_Ci2hy-mvxZ-UscloVXw_ViYTGorbVPPLFoOn7kw1ygd-cR4k65bGzlU8F1gyNuMuWNDnwls6EgJyfbyKE85daZOmpLtRGBztWnrqsM9TzRHGtCpvET4WJxDCgPCeGDM-zGFLNwJjhwr3w6TVlPriC9-QA4gfaxy5UqL70F4Fl80BmLPqLziOTG3bAdrJUPyZaa7A5kItXcd5Vq5H9EDqfvBDkZ_MfUG8Ovveuiqw9pAxAGHcpzPyLcfN7Fn4Tfd_N_yV1pKfCqvW8LuIzv8nTgLOWoPuB4db02gHbUXcvCkQFfgk1cLOTRAukabNBdtzVYYMFQWhTacMeB_2kXdsa8pHx19nDiyCG0SUlVOGNkvqKzEzns_U6ZCaSpjIuq10Os1fn6AcNPULVetkDyAXrpWJtVaGeUzVBFgtk6Pjuup7tXiqtSVQyJJfK1eEGJtTCHqCcm0Si-BPHX-zl0aSvZQtZnrxh-1TclplSRVHsC1pF19ovQCiLRlBPmvGPcR-Wg_fdaVSVT-NX26w4Ohexwqc68v2qyCzsGMRb2r7-8zp7c_NRheNeziADEEWKtg325NjLF013tzg6cXxSjUJyW4YPqhyXa2oVu1lZbAncy35k3ZBzCJBc0oNtYAuu7bQ670-CXxfkw8-Qe3zuvLQRs-soAWZ4RqGqHuazMSuyX2nXKfyup-BlUTTk8UrB2Aijjo_BnZexXerBPGBw43RcnKB120ooLyPomgrrWsEAK1lfcH8lzkMg3GDt4S-YXzWwyaCQv9XJpaL0yxi8CIGmdLtXjh3xJuVA8ffI8VllLug7ZVYrz69HAGLpaVwKz-nm41xAgw8dCh7b_xCdlRx-kBYS4i20axZb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 153B 22 KB
8 KB 22ms
22ms Document
text/html 2a00:1450:4025:402::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 04 Nov 2021 01:37:16 GMT
expires: Fri, 04 Nov 2022 01:37:16 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 92008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9BE7 41 KB
15 KB 40ms
38ms Script
text/javascript 2a00:1450:4025:402::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 08:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 04 Nov 2022 08:31:46 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6D4A 1 KB
749 B 31ms
30ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 04 Nov 2021 21:11:57 GMT
expires: Fri, 05 Nov 2021 21:11:57 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 21527
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9BE7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ced547787cfaa69b2cdc2082480a1b75be7afd19067879d38628cb0f97897831

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5111
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLVp5VIPr7DcefRiH2929c&google_cver=1

43 B
114 B

17ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLVp5VIPr7DcefRiH2929c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhi-vu5tMAE&v=APEucNWaKW44ceqmA1t8lb7GgI8Y-l7K_pTFn4eeORxN0wRrcN2tMNMQprDUZ73f7T4XfAU7IdxXKBpFx_06mqcfzGj6rjv77_lYKrH8Oi7_JzxjwIAIi4ZU6MiTLc8p3ZFUZlGJ26OkH92wQarfBZdoDKx-Z7HIo6YxxnQ_J3bWTqC2b9aNNGM
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLVp5VIPr7DcefRiH2929c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5111
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGQ2N2ZhNzMtZDcyYS02MGZmLTRmNzEtMDU0YjJiYWViOGI0

170 B
188 B

17ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGQ2N2ZhNzMtZDcyYS02MGZmLTRmNzEtMDU0YjJiYWViOGI0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhi-vu5tMAE&v=APEucNWaKW44ceqmA1t8lb7GgI8Y-l7K_pTFn4eeORxN0wRrcN2tMNMQprDUZ73f7T4XfAU7IdxXKBpFx_06mqcfzGj6rjv77_lYKrH8Oi7_JzxjwIAIi4ZU6MiTLc8p3ZFUZlGJ26OkH92wQarfBZdoDKx-Z7HIo6YxxnQ_J3bWTqC2b9aNNGM

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 05 Nov 2021 03:10:44 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGQ2N2ZhNzMtZDcyYS02MGZmLTRmNzEtMDU0YjJiYWViOGI0
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 5111
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEL47ZDUgM4wwZpMeJOPXXH0&google_cver=1

23 B
172 B

95ms
45ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEL47ZDUgM4wwZpMeJOPXXH0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhi-vu5tMAE&v=APEucNWaKW44ceqmA1t8lb7GgI8Y-l7K_pTFn4eeORxN0wRrcN2tMNMQprDUZ73f7T4XfAU7IdxXKBpFx_06mqcfzGj6rjv77_lYKrH8Oi7_JzxjwIAIi4ZU6MiTLc8p3ZFUZlGJ26OkH92wQarfBZdoDKx-Z7HIo6YxxnQ_J3bWTqC2b9aNNGM
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 05 Nov 2021 03:10:44 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEL47ZDUgM4wwZpMeJOPXXH0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 5111 23 B
172 B 133ms
47ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhi-vu5tMAE&v=APEucNWaKW44ceqmA1t8lb7GgI8Y-l7K_pTFn4eeORxN0wRrcN2tMNMQprDUZ73f7T4XfAU7IdxXKBpFx_06mqcfzGj6rjv77_lYKrH8Oi7_JzxjwIAIi4ZU6MiTLc8p3ZFUZlGJ26OkH92wQarfBZdoDKx-Z7HIo6YxxnQ_J3bWTqC2b9aNNGM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 05 Nov 2021 03:10:44 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame CFA1 41 KB
17 KB 20ms
20ms Script
text/javascript 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 22:08:34 GMT

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame 9BE7 148 KB
57 KB 65ms
19ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b16916d8b6df8c1acec5fe749e18006d6ac052af249367015f97c2db11dca359

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 14:40:13 GMT
Server: nginx
ETag: "\W00000582421635518413776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58242
Expires: Fri, 05 Nov 2021 03:40:44 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/ Frame 34DB 12 KB
3 KB 37ms
14ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76512bbaf0cc095f7c67adbf9a349a81c9b33141ed643950fcdc5fc2ebcfe7cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3490
date: Thu, 04 Nov 2021 23:00:00 GMT
expires: Fri, 04 Nov 2022 23:00:00 GMT
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9BE7 0
571 B 74ms
52ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuyr5wuFA752yBqz_6cTxaL_Qh_2e8daIyXYZXL-TGoOOLZZ33QgD78YpXqfpzpOhBxhWvMdE91brxu4RT1HmLGO-2XTKIdBfiry__qBrjztXGImYgFpqTlKBsaXr16fGEo9VBzT75fkw0oQVZt0y2k2K4hGYE2ucCnUpsEi2ICgtvQOxausWlGzAPj00bWuS_DfTQ3QNsYvyb8Qb2SUl4eXtJglOZby9eSO_2okxlGmhc3HnJ5VP-OnUrkUf1xZjlA8qIH7JtTn8ZLXsvt6Mau7mbBbcdL95rdTmvHjiHxwrJPOa4fk_ZLjxsZYZB1ZZbs4gUBsfJrWKnTiqJDxpJRkzmxV1F9T6QjBx6KqE3e83EQqf5m0feCp3vTRs82WN8oFOOK1LCsLbhby0hLOmP__KMKb0mFAtVXvqodk5iMVflpp8vz88hNxCBsqe_GL4jV6EIdnddWagoF2skhGYoJLFdTUKdd0h7gE2ERV4qXlvBg4qL8VjiHTL9oXcLA73bZZR8N79W_ykNZSGbK1Zrq4PL0i680o_HL-euXfllBs7jvxZqzy9ruQ8LlMzPCTI2UgpeWR_Gctj_YtduZn_gkgakrjB_wRBtOOtXe3SSQIuOQp7eMUAf0gBZNw_pbcGf3pKxfjs7TGZts_EPUXOazzox5muf4aNjWWGTTADBaE-4MU8Kpxaf7jhkwA6N-zaKdj8Mk6xqvlMb1vOPbOxSVH9ESGkL-AaUUOe76fC2VQDXoFlXjV3IiuEr89NbJizJk37QVSjpa3GBg26xYvHNmx2wex-Rw0ZCxT081cxHFJ_BAJB2auyNTWsc1EtEirXRlsoKIjTz68Eg-a-fWrCk1idNv7B0DC_NId_QGQ9eG-v4nF7fK_03ZXsP9uh2aQEGbByR4-BcDVikB4KuB8JCMi4v2OgoXV6TEXOiFci-5h5CtwbSBQ0qubcO5Av_W34nkb_f4EmJ98hPkpZOLgQaeyM1qP5C1Ysx9WVCQdh_Lgq3T85339bMLszvy5JeSce35CTLfCK3yVSwciTYP8tiIUN0DsTSMQZ_N2KaXNPhPiEoma9XpzlfA7QUahZSJKBNNuFNA18i3H4ORZqoe8eJ_qoAw7ObO-rTIfyMaaESsNN-Hua_nXvualg456jduFC4Eo0uqTqKuzEPq1njUaa_tC3VvMAghvyset2-GAsg4FYrfjP_u0BNOw82F1XrkMSQ_0oEuTtH8-6ihO0RJ3y9q3O4E35iXDkoi6rKVjTNMCf5OaWraDA&sai=AMfl-YTGr8LjL6wn4xz5W0l9wQviqtCGj0dsYHePkjov35mnrlnfVGJwiqv8ZIeePWJqpqeCJ2bp9OVlUXmFsc5LppzO7JB-u6Wd1wo_bhGTqu_7J-GHWpJ-9A05syOa18Vwm936uwezhVFWFkDpTXKd9aPzLJP6Tg&sig=Cg0ArKJSzPTmjjo5SNmiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=193&cbvp=1&cstd=190&cisv=r20211103.92701&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 05 Nov 2021 03:10:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 B24008644.271759989;dc_ver=81.235;sz=728x90;u_sd=1;dc_adk=2228999113;ord=tt8ddb;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCb9mis6CEYfuHM8bo3gPRvrGgAZugtPllhO3Un7gO... Show response
ad.doubleclick.net/ddm/adj/N1200812.3230469APEXOUTCOMES/ Frame CFA1 59 KB
25 KB 57ms
56ms Script
text/javascript 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1200812.3230469APEXOUTCOMES/B24008644.271759989;dc_ver=81.235;sz=728x90;u_sd=1;dc_adk=2228999113;ord=tt8ddb;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCb9mis6CEYfuHM8bo3gPRvrGgAZugtPllhO3Un7gOv-iivcABEAEg5pSFGGCVgouCmAegAdus6LgCyAEJqQKRxi-N6qa2PqgDAaoEhgJP0N2OZBoqlhGLC-dXb5bAEPbf_UkzFg2EB7Hhcy7hzYg6Zx7Wo69H00XLTfQU_-sLlI-OtUae9p1hzT90Y0OWMm5CNZBYHz8Rs8cBKrZWuD8k_r_tS1ZUMPVpp_3wGONAVtu5jTAq5SXn_65BVMKUS_x-dm1Z4za0VQBdLaJGNUBgvLxCLe0Tz2s-VJH2fN78N50I_v6iLmHG-EObUnPmypA9txCfYVzkcIQQBTlmmjmrNjOK7Fy6bsUQ7JSwA7zXdOyXWGG-D692bjKebjCOnqs6WXEEVrTgpR9dSA3PhZw4QqP2WMDklJOVmBMhR4khkHZENCkXJLER6w73Tlsz0f9wg0-pwASy05W6zQPgBAOQBgGgBk2AB43Tl8cBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT4Yj5DNATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoT4pQfkBt6hPxTYy-7NNNBg%26sig%3DAOD64_2QDWZWw5D1k5R0jP8ZBmS4sIToFQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-BiKotspepYPYzSgOtHhEUZyHoZOuuXbQm_h732IOcOO8j5XuQwhE59ac19Ensb70zAE8AdOyQznCMGdLGvmb0mUjawVteXZ4zOsbJWaxT9g78YZASFixHQ67K3oJ-jNKENWnEJ4VDgBZ1vrfEQd31hApaIDA%26cry%3D1%26dbm_d%3DAKAmf-DQ0CgaortS3vfqRES-rpr689GbTAujC_cjsQdEvoMUAqukRl720MSbZc0AUOk8CKay1dmjhONoNOvn9yhuZ9MmZOsaK26IH9yk50Z_MXiUzsb-rDN95Akor9qZI0UGHJs1ViLHmY_RGJXxzk4Orr3j-fhBVFovs-YmY3jWC-kcVo1M9UVkBM4sG_FUG62Zj5XAliFwBUtrutd9uFFh6JEfVVeFWIv9jG8RnCJjKWbJrC6E9aAC8goJ0p1EX-YJgIM3A62npttt0nJTRE993c74ykbJM5A0Eyn_CvJVFttNTC0z5czBo6hBe89VtC3FdsTVj7z8qi_Pdas0Bji2SgWgcsWxFIr9deOch0OVbSN6TI2-a58BDrYMXTsv12Z8hifkTCqY2l8CaRHYjRBpS8GsuVpfj-p-iuEnC5dKyyUpJhghRxMZAy9JW8cyfBZ1YJhVgu6Y%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.wrtv.com%2F$0;xdt=1;crlt=4-zJVBdqOE;sttr=51;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

140b58c06fdd8d86ca20a7eca26ae9ae1b72a937380cba39b711987930cd5e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25276
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0A35 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4025:402::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 04 Nov 2021 01:37:16 GMT
expires: Fri, 04 Nov 2022 01:37:16 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 92008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6D4A 35 B
363 B 31ms
19ms Image
image/gif 91.228.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBMETXk2ph6QguR3yS3XMkI&google_cver=1&google_push=AYg5qPLH-53KPwWSkWSvMM0k_Eh_XZnRnyFEiOwP8n_2Fu0mGtWzypdvvHWrM1x7g5xN8s67Ao2bhyXyMMDwSVvMQeJj_VRjGQ

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D4A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPLpNwBa99MmLo5JHoqWS5A&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPLpNwBa99MmLo5JHoqWS5A&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SWw5VmZRR0QxTUlQQ1E1&google_gid=CAESEPLpNwBa99MmLo5JHoqWS5A&google_cver=1&google_push=AYg5qPKcpQxUhIURnM4Wd3dUKpi7IKBmd_yI2mZNpIvOAOC...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SWw5VmZRR0QxTUlQQ1E1&google_gid=CAESEPLpNwBa99MmLo5JHoqWS5A&google_cver=1&google_push=AYg5qPKcpQxUhIURnM4Wd3dUKpi7IKBmd_yI2mZNpIvOAOCJtNtCeD0u_ES2mI-62vDi9zqTrahQsNepRnHu1gLcDVeAL9QzRhY

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:44 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SWw5VmZRR0QxTUlQQ1E1&google_gid=CAESEPLpNwBa99MmLo5JHoqWS5A&google_cver=1&google_push=AYg5qPKcpQxUhIURnM4Wd3dUKpi7IKBmd_yI2mZNpIvOAOCJtNtCeD0u_ES2mI-62vDi9zqTrahQsNepRnHu1gLcDVeAL9QzRhY
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D4A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIRb6tOjY2wFsJ6ToB4Wp3I&google_cver=1&google_push=AYg5qPKcVc--cpULV9CK_ODn4Y-rWDw_imPSgVM4xLdw2lellOTgfXW1qAXAnuf2iPGT0p5DwEYS-qx9rguj0c3w...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKcVc--cpULV9CK_ODn4Y-rWDw_imPSgVM4xLdw2lellOTgfXW1qAXAnuf2iPGT0p5DwEYS-qx9rguj0c3wuOnrK4KiG78

170 B
188 B

17ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKcVc--cpULV9CK_ODn4Y-rWDw_imPSgVM4xLdw2lellOTgfXW1qAXAnuf2iPGT0p5DwEYS-qx9rguj0c3wuOnrK4KiG78

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 05 Nov 2021 03:10:44 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKcVc--cpULV9CK_ODn4Y-rWDw_imPSgVM4xLdw2lellOTgfXW1qAXAnuf2iPGT0p5DwEYS-qx9rguj0c3wuOnrK4KiG78
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 05 Nov 2021 03:10:43 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 6D4A 0
141 B 47ms
13ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIwUlRGznZjSsdT-pMpzbmY&google_cver=1&google_push=AYg5qPL08usO_BMoGXdQvhbU-GXYWgllJizqzXxp3xJmXwQlveo4jz0zMI4uXdgzYch4btHs9qs5pbop8ViSahNpDdqFCrHmicM
Requested by: Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:44 GMT
via: 1.1 google
alt-svc: clear

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D4A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKzNhRdGCThFm1atfggBloY&google_cver=1&google_push=AYg5qPI4uUsHgvvYqxLaRZLjgkBl28QMMwrtcPzMmREG2qoGeQHqXQiBYQYSRZPTEGNu89U4w0D...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZMU1ZYVUctWS0yOFcw&google_push=AYg5qPI4uUsHgvvYqxLaRZLjgkBl28QMMwrtcPzMmREG2qoGeQHqXQiBYQYSRZPTEGNu89U4w0DkJup7DDnUxEqLJrCmGmkaTQ

170 B
188 B

27ms
20ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZMU1ZYVUctWS0yOFcw&google_push=AYg5qPI4uUsHgvvYqxLaRZLjgkBl28QMMwrtcPzMmREG2qoGeQHqXQiBYQYSRZPTEGNu89U4w0DkJup7DDnUxEqLJrCmGmkaTQ

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZMU1ZYVUctWS0yOFcw&google_push=AYg5qPI4uUsHgvvYqxLaRZLjgkBl28QMMwrtcPzMmREG2qoGeQHqXQiBYQYSRZPTEGNu89U4w0DkJup7DDnUxEqLJrCmGmkaTQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D4A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEP8chfTA3nznM3pZ4OPiPOA&google_cver=1&google_push=AYg5qPIWVF5qEi8RHsJuMKVcShBPwKyD8rPjAtqYa_iWI3oEvYD2jRYbigLn7vFCHwjfuw7ioa-X8wig5SLbqf3Y...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIWVF5qEi8RHsJuMKVcShBPwKyD8rPjAtqYa_iWI3oEvYD2jRYbigLn7vFCHwjfuw7ioa-X8wig5SLbqf3YGHvIg9uIjg

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIWVF5qEi8RHsJuMKVcShBPwKyD8rPjAtqYa_iWI3oEvYD2jRYbigLn7vFCHwjfuw7ioa-X8wig5SLbqf3YGHvIg9uIjg

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 05 Nov 2021 03:10:44 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIWVF5qEi8RHsJuMKVcShBPwKyD8rPjAtqYa_iWI3oEvYD2jRYbigLn7vFCHwjfuw7ioa-X8wig5SLbqf3YGHvIg9uIjg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: _OlKKWonZLrwVlLWUqQpMuOqIwJHc-zP0lQCwe4GlgrPQxtYmDKPkg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D4A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
https://sync.targeting.unrulymedia.com/csync/RX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLFpR160deII8LXm6L4s...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLFpR160deII8LXm6L4sI6jlPd-UFZ2y7LRXBA98PxlnK-UIBEZe8NrpcB3GKJt-tYIhG8wOE_UI6vFR1QzKJDp8B-HTw&google_hm=A4DOTpmcokp4r_2ZoSxCodo

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLFpR160deII8LXm6L4sI6jlPd-UFZ2y7LRXBA98PxlnK-UIBEZe8NrpcB3GKJt-tYIhG8wOE_UI6vFR1QzKJDp8B-HTw&google_hm=A4DOTpmcokp4r_2ZoSxCodo

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLFpR160deII8LXm6L4sI6jlPd-UFZ2y7LRXBA98PxlnK-UIBEZe8NrpcB3GKJt-tYIhG8wOE_UI6vFR1QzKJDp8B-HTw&google_hm=A4DOTpmcokp4r_2ZoSxCodo
date: Fri, 05 Nov 2021 03:10:45 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX80ce4e999ca24a78affd99a12c42a1da003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6D4A 0
12 B 20ms
18ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LtS2OfKnClTaZsK3RBXbY8ODj7JPrDjmoCBgbha51PBKFkmAZNEtB4qYOfctEC7pdLhhso

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cr6w3YeOZbdvzGsTB8jc1jWyQH2Tx0ZUK6FFw6rgKog.js Show response
pagead2.googlesyndication.com/bg/ Frame 153B 35 KB
13 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cr6w3YeOZbdvzGsTB8jc1jWyQH2Tx0ZUK6FFw6rgKog.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72beb0dd878e65b76fcc6b1307c8dcd635b2407d93c746542ba145c3aae02a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 01:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 01:49:17 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 74 KB
74 KB 18ms
15ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff82bb92f844829b285f937ba9b8cd3c168c702fe5190117593ed5cb05b78a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75447
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 img-lensflare-0.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 4 KB
4 KB 24ms
17ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/img-lensflare-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feb49fae7fd245f703b2fbeb29c41f136a34ee8bccfa2cc7c8a5a6fbfa4439ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4352
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 text1a.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 3 KB
3 KB 41ms
33ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8088f1d161a58af558862367e42cb9d6451ffb8bd973396ebed69da04d6188a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3023
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 text1b.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 3 KB
3 KB 40ms
32ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a4ee93e1379a85fe56c16769e11eb203372c1a230a5150c7ae4f4f542147f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2584
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 text1c.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 4 KB
4 KB 38ms
31ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text1c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

760144b690ee7570b72cf862a52ecf8678571ac6aecd431716c53a5e3f16d6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3655
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 stoerer.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 3 KB
3 KB 38ms
30ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/stoerer.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3feb016374130f322d545f888f59bceb80667989dd11d9b5953f5cb1c04d1e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2655
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 text2.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 4 KB
4 KB 41ms
33ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e24ac0b49f099ddbb00e219447f8d4aa4cd7021f38bd4c94c77747dc58ed2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3787
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 text3.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 3 KB
3 KB 44ms
36ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101dc7f34320cbce5950b82377f76ea6c59b54797aa19628de9b346497e7aaf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2653
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 text4.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 4 KB
4 KB 48ms
41ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79b628a883191c8130a3382f904e50f5d4210b2abaac6227162e6b1e07f6c593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4233
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 text5.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 3 KB
3 KB 46ms
39ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32322986a3b686254b0bd0a35a1feff3886eee67ef8812baf9a7a0185df71a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2963
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 legal1.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 11 KB
11 KB 47ms
39ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/legal1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a48ca4e0e9b49e2cdf02fb8e1af695c0bcf48508d96aac0a9c0be160f99749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11631
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 legal2.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 14 KB
14 KB 47ms
40ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/legal2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52b255c86ae6d99ee7e166fb426b5bd737bd64c166bd7655a6ca995311ebe6f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14104
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 1 KB
1 KB 48ms
41ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f9c986bc677282c44182cc3bfd5b2813607b6b1fd23d6f8d6a9dda208bc480e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1296
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 cta_2.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 1 KB
1 KB 48ms
41ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/cta_2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea6cd9c53fbf12ca23803fbc243e351166ca35f12d3d4a00dd978a6000bd673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 2 KB
2 KB 49ms
41ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1323112ac126d2bc27da6f7e045a1f8d06a1dabaad2560ef8e8297cfc9379a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1756
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 logo2.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 34DB 2 KB
2 KB 48ms
41ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/logo2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbbc45aee6c23f17d07220ede528f0216aaf05b2b6238d47038ab3f9f0a6b374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options: nosniff
age: 15044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1990
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:00:00 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 34DB 109 KB
37 KB 31ms
23ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Nov 2021 03:10:44 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame CFA1 106 KB
37 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
Origin: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Nov 2021 08:37:30 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211101/r20110914/elements/html/ Frame CFA1 8 KB
3 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211101/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1200812.3230469APEXOUTCOMES/B24008644.271759989;dc_ver=81.235;sz=728x90;u_sd=1;dc_adk=2228999113;ord=tt8ddb;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCb9mis6CEYfuHM8bo3gPRvrGgAZugtPllhO3Un7gOv-iivcABEAEg5pSFGGCVgouCmAegAdus6LgCyAEJqQKRxi-N6qa2PqgDAaoEhgJP0N2OZBoqlhGLC-dXb5bAEPbf_UkzFg2EB7Hhcy7hzYg6Zx7Wo69H00XLTfQU_-sLlI-OtUae9p1hzT90Y0OWMm5CNZBYHz8Rs8cBKrZWuD8k_r_tS1ZUMPVpp_3wGONAVtu5jTAq5SXn_65BVMKUS_x-dm1Z4za0VQBdLaJGNUBgvLxCLe0Tz2s-VJH2fN78N50I_v6iLmHG-EObUnPmypA9txCfYVzkcIQQBTlmmjmrNjOK7Fy6bsUQ7JSwA7zXdOyXWGG-D692bjKebjCOnqs6WXEEVrTgpR9dSA3PhZw4QqP2WMDklJOVmBMhR4khkHZENCkXJLER6w73Tlsz0f9wg0-pwASy05W6zQPgBAOQBgGgBk2AB43Tl8cBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT4Yj5DNATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoT4pQfkBt6hPxTYy-7NNNBg%26sig%3DAOD64_2QDWZWw5D1k5R0jP8ZBmS4sIToFQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-BiKotspepYPYzSgOtHhEUZyHoZOuuXbQm_h732IOcOO8j5XuQwhE59ac19Ensb70zAE8AdOyQznCMGdLGvmb0mUjawVteXZ4zOsbJWaxT9g78YZASFixHQ67K3oJ-jNKENWnEJ4VDgBZ1vrfEQd31hApaIDA%26cry%3D1%26dbm_d%3DAKAmf-DQ0CgaortS3vfqRES-rpr689GbTAujC_cjsQdEvoMUAqukRl720MSbZc0AUOk8CKay1dmjhONoNOvn9yhuZ9MmZOsaK26IH9yk50Z_MXiUzsb-rDN95Akor9qZI0UGHJs1ViLHmY_RGJXxzk4Orr3j-fhBVFovs-YmY3jWC-kcVo1M9UVkBM4sG_FUG62Zj5XAliFwBUtrutd9uFFh6JEfVVeFWIv9jG8RnCJjKWbJrC6E9aAC8goJ0p1EX-YJgIM3A62npttt0nJTRE993c74ykbJM5A0Eyn_CvJVFttNTC0z5czBo6hBe89VtC3FdsTVj7z8qi_Pdas0Bji2SgWgcsWxFIr9deOch0OVbSN6TI2-a58BDrYMXTsv12Z8hifkTCqY2l8CaRHYjRBpS8GsuVpfj-p-iuEnC5dKyyUpJhghRxMZAy9JW8cyfBZ1YJhVgu6Y%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.wrtv.com%2F$0;xdt=1;crlt=4-zJVBdqOE;sttr=51;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 01:20:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 01:20:41 GMT

GET
H2 200 main.gr.19.8.263.js Show response
static.adsafeprotected.com/ Frame CFA1 187 KB
60 KB 54ms
8ms Script
application/javascript 2600:9000:223f:f800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.263.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/415630/45225567/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 177e5f948cc82a4c47e8019cabe6588a2dbecc64436ba17d6b949e223ea0cd3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 19:39:33 GMT
content-encoding: gzip
age: 27073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Nov 2021 19:24:40 GMT
server: AmazonS3
etag: W/"9addc11e192d275e750ea5aea12ac7df"
vary: Accept-Encoding
x-amz-version-id: NVrRxFxGBFFuBDr8S8kpZkTNKXYqcIFm
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: uspBcL-Hj7aVDQBB9e9q7Ka--u6TAio9DnKuaQf-pUFNU0eWSD_bZA==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5C7E 1 KB
749 B 19ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 04 Nov 2021 21:11:57 GMT
expires: Fri, 05 Nov 2021 21:11:57 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 21527
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CFA1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54f66b2c726c86056975e10ebc14fbe66b643214cc84d50f0d12b7db9698e9a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6F62 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4025:402::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 04 Nov 2021 01:37:16 GMT
expires: Fri, 04 Nov 2022 01:37:16 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 92008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK stat Show response
stat.meetrics.net/ Frame 9BE7 82 B
351 B 38ms
11ms Script
application/javascript 148.251.84.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.meetrics.net/stat
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.84.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h550.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:45 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Fri, 05 Nov 2021 03:10:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s79.research.de.com/bb-mxad/ Frame 9BE7 0
208 B 44ms
11ms Script
application/octet-stream 88.198.52.202
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.research.de.com/bb-mxad/gettag
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.198.52.202 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h530.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:45 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b100.s79.research.de.com/bb-mx/ Frame 9BE7 43 B
291 B 49ms
13ms Image
image/gif 178.63.107.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b100.s79.research.de.com/bb-mx/submit?/eemAB0AAA/whFtBo0F0wFz6BvvAk1BjmFx0A25Ay1AwiEj4BhwBhhF51A30AyzAl5B0hEmxBmmFuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFsBF0pyFo0F0wFz6BvvA33F3uB3yF02FujEvtFvBE+k2FmywAyxAtxAwtAy5AtxA06Az5AtyAywA0zA0tAyuAxyAztAm4By3AkxBx0AKp6Fsp3Fx2Az2Aw4Ax4A00AxxA0BEjwtFuvFulFnqnFluFtVETsBluFL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5zAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BzBELlnFB/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA23AxyAx5AxmAzpF0lF91A51Ay3Az5AmwEshFjlF9zAx4A4xAwzAy5AmjEpkF9xA2wA15Ay1AwxAmzEp6Fl9B3yA44E5wAmjEi9BxzAz4A43AzyAx3AUkzFmBFAAAAAAYLaBaBAPAAAAAAAAAOAAAAGBAAAAAYLaBaBABPmAAAAAAAAB/5AAZLAAFAx8Ez8ExBEEAz3AxxArfbnAPAAAFAA/5ATfbnASksF2EbAAAAAAAAAAAAEAAA/5AAAAAAAAIAy2A3xAyxA5xAJAzxA44AxwAzyA5BEHA15A1yA3zA5BEGA3yA44E5wAJAx2Aw1A5yA1wAxBEHA53A14Az2A2BEdAAAAAAYLAaBAFAAAfbnAAAeBo0F0wFz6BvvAzwBuyAtkFuuBulF0vBzhFkiF1uFksFlvB52A03A30A31Az2A21AwxA5xA25A5vAxwAtJEXFFtCEGXFtMElhFklFyiFvhFykFt3Ay4A45BwtACGFXvBpuFklF4uBo0FtsFCATCFAAAAAAAAAAAAAAGAJGFSBFNFFQtjF8fJ2VA
Requested by: Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.63.107.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h294.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:45 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Fri, 05 Nov 2021 03:10:44 GMT

GET
H/1.1 200
OK data
b100.s79.research.de.com/ Frame 9BE7 43 B
308 B 46ms
11ms Image
image/gif 178.63.107.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b100.s79.research.de.com/data?/eemAC1AAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFTbVNSA
Requested by: Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.63.107.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h294.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:45 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Fri, 05-Nov-21 03:10:44 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9BE7 0
23 B 57ms
43ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuyr5wuFA752yBqz_6cTxaL_Qh_2e8daIyXYZXL-TGoOOLZZ33QgD78YpXqfpzpOhBxhWvMdE91brxu4RT1HmLGO-2XTKIdBfiry__qBrjztXGImYgFpqTlKBsaXr16fGEo9VBzT75fkw0oQVZt0y2k2K4hGYE2ucCnUpsEi2ICgtvQOxausWlGzAPj00bWuS_DfTQ3QNsYvyb8Qb2SUl4eXtJglOZby9eSO_2okxlGmhc3HnJ5VP-OnUrkUf1xZjlA8qIH7JtTn8ZLXsvt6Mau7mbBbcdL95rdTmvHjiHxwrJPOa4fk_ZLjxsZYZB1ZZbs4gUBsfJrWKnTiqJDxpJRkzmxV1F9T6QjBx6KqE3e83EQqf5m0feCp3vTRs82WN8oFOOK1LCsLbhby0hLOmP__KMKb0mFAtVXvqodk5iMVflpp8vz88hNxCBsqe_GL4jV6EIdnddWagoF2skhGYoJLFdTUKdd0h7gE2ERV4qXlvBg4qL8VjiHTL9oXcLA73bZZR8N79W_ykNZSGbK1Zrq4PL0i680o_HL-euXfllBs7jvxZqzy9ruQ8LlMzPCTI2UgpeWR_Gctj_YtduZn_gkgakrjB_wRBtOOtXe3SSQIuOQp7eMUAf0gBZNw_pbcGf3pKxfjs7TGZts_EPUXOazzox5muf4aNjWWGTTADBaE-4MU8Kpxaf7jhkwA6N-zaKdj8Mk6xqvlMb1vOPbOxSVH9ESGkL-AaUUOe76fC2VQDXoFlXjV3IiuEr89NbJizJk37QVSjpa3GBg26xYvHNmx2wex-Rw0ZCxT081cxHFJ_BAJB2auyNTWsc1EtEirXRlsoKIjTz68Eg-a-fWrCk1idNv7B0DC_NId_QGQ9eG-v4nF7fK_03ZXsP9uh2aQEGbByR4-BcDVikB4KuB8JCMi4v2OgoXV6TEXOiFci-5h5CtwbSBQ0qubcO5Av_W34nkb_f4EmJ98hPkpZOLgQaeyM1qP5C1Ysx9WVCQdh_Lgq3T85339bMLszvy5JeSce35CTLfCK3yVSwciTYP8tiIUN0DsTSMQZ_N2KaXNPhPiEoma9XpzlfA7QUahZSJKBNNuFNA18i3H4ORZqoe8eJ_qoAw7ObO-rTIfyMaaESsNN-Hua_nXvualg456jduFC4Eo0uqTqKuzEPq1njUaa_tC3VvMAghvyset2-GAsg4FYrfjP_u0BNOw82F1XrkMSQ_0oEuTtH8-6ihO0RJ3y9q3O4E35iXDkoi6rKVjTNMCf5OaWraDA&sai=AMfl-YTGr8LjL6wn4xz5W0l9wQviqtCGj0dsYHePkjov35mnrlnfVGJwiqv8ZIeePWJqpqeCJ2bp9OVlUXmFsc5LppzO7JB-u6Wd1wo_bhGTqu_7J-GHWpJ-9A05syOa18Vwm936uwezhVFWFkDpTXKd9aPzLJP6Tg&sig=Cg0ArKJSzPTmjjo5SNmiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=489&vt=11&dtpt=296&dett=3&cstd=190&cisv=r20211103.92701&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 03:10:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 cr6w3YeOZbdvzGsTB8jc1jWyQH2Tx0ZUK6FFw6rgKog.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A35 35 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cr6w3YeOZbdvzGsTB8jc1jWyQH2Tx0ZUK6FFw6rgKog.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72beb0dd878e65b76fcc6b1307c8dcd635b2407d93c746542ba145c3aae02a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 01:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 01:49:17 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16670014928280162921/ Frame 0B90 99 KB
20 KB 15ms
14ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16670014928280162921/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cfd96c3b7a1cc0049b29f75a6408751b901e66bd2a2706285cc97d79aa2e74e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Thu, 04 Nov 2021 00:00:20 GMT
expires: Fri, 04 Nov 2022 00:00:20 GMT
last-modified: Fri, 23 Jul 2021 13:51:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 20737
age: 97825
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CFA1 0
23 B 46ms
46ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1Kz50_yMIY5-SBZ5SIqhnHxrxX0ewT5sOzqWkzDtZm6SLMHzjTYJ74szu3hCwLE2dsPjvr-vnM1QlabmLUXXxHAyF4YKyKhcpVzoFD_B7N4-lw4kRZN9ue0WezTBtcALQia7EtYtJG-3hNoN3&sig=Cg0ArKJSzAwEgtI9V8x0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&cbvp=1&cstd=195&cisv=r20211101.48639&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 03:10:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame CFA1
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/415630/45225567/skeleton.js?adsafe_url=https%3A%2F%2Fwww.wrtv.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd5cf1469250bc8a0aa957423e94af1ff.safeframe.googl...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

7ms
7ms

Script
application/javascript

2600:9000:223f:f800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:223f:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
age: 10434889
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 5eTFnNswNr4Xb2P-jMK50JjcGqNEJGjgqlgmejXf0CEFAAaF1EFIIA==

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
x-server-name: app21.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 9B51 80 KB
21 KB 7ms
7ms Script
application/javascript 2600:9000:223f:f800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:55:08 GMT
content-encoding: gzip
age: 6682538
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: SgdhhqnEXAtBjpnB3sGkKI-_I-xrmpYkizPVN7op_eJrHdVtIcldgQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CFA1 43 B
215 B 311ms
99ms Image
image/gif 52.44.124.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=f6cec119-e6f4-effc-decd-8f353b4330a3&tv=%7Bc:t3HUc1,pingTime:-3,time:297,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:261%7D,%7Bpiv:0,vs:o,r:l,t:296%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:297,n:296,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:261,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~728.90%5D%7D%7D,%7Bsl:o,t:296,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sNR6GG4+1111%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C15%7C16*.415630-45225567%7C161%7C1621%7C163%7C164%7C165,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.124.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-124-140.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
x-server-name: dt46.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CFA1 43 B
216 B 304ms
98ms Image
image/gif 52.44.124.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=f6cec119-e6f4-effc-decd-8f353b4330a3&tv=%7Bc:t3HUc6,pingTime:-6,time:302,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:302,n:296,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:261,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~728.90%5D%7D%7D,%7Bsl:o,t:296,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B5~0%5D,as:%5B5~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sNR6GG4+1111%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C15%7C16*.415630-45225567%7C161%7C1621%7C163%7C164%7C165,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:www.wrtv.com*&br=c
Requested by: Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.124.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-124-140.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
x-server-name: dt50.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C7E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPfyxMSl8C28Cc7dUgoIW6w&google_cver=1&google_push=AYg5qPKRRb6M9WvLJ7yLVnEErUok6d11vs48J6tzmZVK3dvI-CBDUq9Lb8TVG_s_p-VfwKs9Q5pK3cetmDMxxF2D...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=l-phhKC0QwCo3oODJgWaeQ&google_push=AYg5qPKRRb6M9WvLJ7yLVnEErUok6d11vs48J6tzmZVK3dvI-CBDUq9Lb8TVG_s_p-VfwKs9Q5pK3cetmDMxxF2D93VjAN-2...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=l-phhKC0QwCo3oODJgWaeQ&google_push=AYg5qPKRRb6M9WvLJ7yLVnEErUok6d11vs48J6tzmZVK3dvI-CBDUq9Lb8TVG_s_p-VfwKs9Q5pK3cetmDMxxF2D93VjAN-216wL

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 05 Nov 2021 03:10:45 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x16 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=l-phhKC0QwCo3oODJgWaeQ&google_push=AYg5qPKRRb6M9WvLJ7yLVnEErUok6d11vs48J6tzmZVK3dvI-CBDUq9Lb8TVG_s_p-VfwKs9Q5pK3cetmDMxxF2D93VjAN-216wL
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 05 Nov 2021 03:10:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C7E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJRCSnZZXHcvzhmRb6xfIWM&google_push=AYg5qPLPU_pA_niAMuATEpRrw9m3og8Gf3oQbWYCuHgWaA4HdWnDaUs6jE...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJRCSnZZXHcvzhmRb6xfIWM&google_push=AYg5qPLPU_pA_niAMuATEpRrw9m3og8Gf3oQbWYCuHgWaA4HdWnDaUs6jEf5W7Emcn6lIG9t1dW1j6AelGh65VVx60Wj-b8pV-YI

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1636081845.316680,VS0,VE93
x-served-by: cache-hhn4058-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJRCSnZZXHcvzhmRb6xfIWM&google_push=AYg5qPLPU_pA_niAMuATEpRrw9m3og8Gf3oQbWYCuHgWaA4HdWnDaUs6jEf5W7Emcn6lIG9t1dW1j6AelGh65VVx60Wj-b8pV-YI
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C7E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAGsF-ZU3O2PgayUxsS3dH4&google_cver=1&google_push=AYg5qPJnD8fw1Vcon2KElsrlQbT2j_MrA128pH5hQo6hWv47mvLFkXM5Xo_uFg91zV3y15WZZ75ILkamQQ5J5HoPg8xOghW...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJnD8fw1Vcon2KElsrlQbT2j_MrA128pH5hQo6hWv47mvLFkXM5Xo_uFg91zV3y15WZZ75ILkamQQ5J5HoPg8xOghW3XDU&google_hm=NjI1ODQxOTg0Njg3MzYzOTA...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJnD8fw1Vcon2KElsrlQbT2j_MrA128pH5hQo6hWv47mvLFkXM5Xo_uFg91zV3y15WZZ75ILkamQQ5J5HoPg8xOghW3XDU&google_hm=NjI1ODQxOTg0Njg3MzYzOTAwOA%3D%3D

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 05 Nov 2021 03:10:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJnD8fw1Vcon2KElsrlQbT2j_MrA128pH5hQo6hWv47mvLFkXM5Xo_uFg91zV3y15WZZ75ILkamQQ5J5HoPg8xOghW3XDU&google_hm=NjI1ODQxOTg0Njg3MzYzOTAwOA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C7E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Di-5bqgARqCTlkQc0ZoLjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Di-5bqgARqCTlkQc0ZoLjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLz3VbaRcI77fMtcMbxO1Py50ROIdOcZZDuu5Mhz0W_7qTJBk83tQ7O4G_j1XrxRrj2mY-HiXGhi-48WEfrTcSHOaTJuvc

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Di-5bqgARqCTlkQc0ZoLjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLz3VbaRcI77fMtcMbxO1Py50ROIdOcZZDuu5Mhz0W_7qTJBk83tQ7O4G_j1XrxRrj2mY-HiXGhi-48WEfrTcSHOaTJuvc
date: Fri, 05 Nov 2021 03:10:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C7E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENkORWeq8j69cCD4fwpQP_4&google_cver=1&google_push=AYg5qPLceV1LJrZM_Hc-t5PdHyqMvqI-DB330gbIZdHPOSqtfY1bxlExZvEsYCXjqtqvpOZlTPw...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZMU1ZYVUctWS0yOFcw&google_push=AYg5qPLceV1LJrZM_Hc-t5PdHyqMvqI-DB330gbIZdHPOSqtfY1bxlExZvEsYCXjqtqvpOZlTPwupxR1Nrm7XcR0SbiKMoYW9yhG

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZMU1ZYVUctWS0yOFcw&google_push=AYg5qPLceV1LJrZM_Hc-t5PdHyqMvqI-DB330gbIZdHPOSqtfY1bxlExZvEsYCXjqtqvpOZlTPwupxR1Nrm7XcR0SbiKMoYW9yhG

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZMU1ZYVUctWS0yOFcw&google_push=AYg5qPLceV1LJrZM_Hc-t5PdHyqMvqI-DB330gbIZdHPOSqtfY1bxlExZvEsYCXjqtqvpOZlTPwupxR1Nrm7XcR0SbiKMoYW9yhG
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 5C7E
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEBL0XVyzB7ECQWuNDqOVPCo&google_cver=1&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZ...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C7E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
https://sync.targeting.unrulymedia.com/csync/RX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIpsQvdpWufj0Zo_FY9o...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIpsQvdpWufj0Zo_FY9o5b7b8kLUFzJeV8Wgy-3750FL7pcvXsDQvAZCc5ailiw2mlk-UYyzCzMMZEbFiqifJm2LNftfWQ9&google_hm=A4DOTpmcokp4r_2ZoSxCodo

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIpsQvdpWufj0Zo_FY9o5b7b8kLUFzJeV8Wgy-3750FL7pcvXsDQvAZCc5ailiw2mlk-UYyzCzMMZEbFiqifJm2LNftfWQ9&google_hm=A4DOTpmcokp4r_2ZoSxCodo

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIpsQvdpWufj0Zo_FY9o5b7b8kLUFzJeV8Wgy-3750FL7pcvXsDQvAZCc5ailiw2mlk-UYyzCzMMZEbFiqifJm2LNftfWQ9&google_hm=A4DOTpmcokp4r_2ZoSxCodo
date: Fri, 05 Nov 2021 03:10:45 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX80ce4e999ca24a78affd99a12c42a1da003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5C7E 0
12 B 15ms
14ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDxBpdx3V2oOL31BHzkeAw0SouJCWnK9KjakIz4D17OlV7AvxYnhxIyWFJqvrKkJDQtJRs

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CFA1 43 B
215 B 267ms
98ms Image
image/gif 52.44.124.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=f6cec119-e6f4-effc-decd-8f353b4330a3&tv=%7Bc:t3HUcJ,pingTime:-2,time:341,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:357,bdZ:487,beA:780,beZ:781,mfA:1023,cmA:1025,inA:1025,inZ:1029,prA:1029,prZ:1035,si:1042,poA:1043,poZ:1058,cmZ:1058,mfZ:1058,loA:1078,loZ:1084,ltA:1121,ltZ:1121%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:261%7D,%7Bpiv:0,vs:o,r:l,t:296%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:341,n:296,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:261,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~728.90%5D%7D%7D,%7Bsl:o,t:296,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sNR6GG4+1111%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C15%7C16*.415630-45225567%7C161%7C1621%7C163%7C164%7C165,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:78,readyFired:true%7D&br=c
Requested by: Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.124.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-124-140.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
x-server-name: dt47.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK data
b100.s79.research.de.com/ Frame 9BE7 43 B
308 B 12ms
11ms Image
image/gif 178.63.107.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b100.s79.research.de.com/data?/eemADhEAAzrvFo0F0wFz6BvvA33F3uB3yF02FujEvtFLruFBLkqFFlqwFyyAw0Az0AL2vFBLl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2Az2Aw4Ax4A00AxxA03A3zAxpEwyAn1FxBFlqwFyyAw0Az0ALkmFBTkzFzQbBAAAAAAAYAAAAOCAQBAAAAAAAAXAAAAOCAPRBAAZAwSAcAAAARksFAQtjFWnwVSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.63.107.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h294.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:45 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Fri, 05-Nov-21 03:10:44 GMT

GET
H3 200 aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F62 35 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 01:50:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13338
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 01:50:34 GMT

GET
H3 200 DcmEnabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 0B90 28 KB
10 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16670014928280162921/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16670014928280162921/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66795
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10121
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Nov 2021 08:37:30 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CFA1 0
23 B 42ms
42ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1Kz50_yMIY5-SBZ5SIqhnHxrxX0ewT5sOzqWkzDtZm6SLMHzjTYJ74szu3hCwLE2dsPjvr-vnM1QlabmLUXXxHAyF4YKyKhcpVzoFD_B7N4-lw4kRZN9ue0WezTBtcALQia7EtYtJG-3hNoN3&sig=Cg0ArKJSzAwEgtI9V8x0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=422&vt=11&dtpt=225&dett=3&cstd=195&cisv=r20211101.48639&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.wrtv.com
URL: https://www.wrtv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 03:10:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Group_25.svg
s0.2mdn.net/sadbundle/16670014928280162921/ Frame 0B90 6 KB
2 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16670014928280162921/Group_25.svg

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485ba6d2ae61daafb41e4292e89b612020270df70952ea23f75d151f36384621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16670014928280162921/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 02:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2129
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 02:16:04 GMT

GET
H3 200 Group_133.svg
s0.2mdn.net/sadbundle/16670014928280162921/ Frame 0B90 27 KB
7 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16670014928280162921/Group_133.svg

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f33ddcfd3fe82be25a6acdfef8849c6af4317c9fb8fd37507df70747cec2fe46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16670014928280162921/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 17:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206373
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7109
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 17:51:12 GMT

GET
H3 200 Path_472.svg
s0.2mdn.net/sadbundle/16670014928280162921/ Frame 0B90 10 KB
3 KB 17ms
16ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16670014928280162921/Path_472.svg

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13e7993286c9d94388488848f663400010af10a0ca5cfde38b8b0881fa6b6d04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16670014928280162921/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 04:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 601442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2766
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 29 Oct 2022 04:06:43 GMT

GET
H3 200 AlignTech_Case_Aligners_Black.png
s0.2mdn.net/sadbundle/16670014928280162921/ Frame 0B90 86 KB
87 KB 18ms
16ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16670014928280162921/AlignTech_Case_Aligners_Black.png

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c0c847b67ed4820d2e0acb1a4462da36069e06825a6083df46b54b4e7f4c2de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16670014928280162921/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 04:06:43 GMT
x-content-type-options: nosniff
age: 601442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88557
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 29 Oct 2022 04:06:43 GMT

GET
H3 200 Mask_Group_3.png
s0.2mdn.net/sadbundle/16670014928280162921/ Frame 0B90 7 KB
7 KB 18ms
17ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16670014928280162921/Mask_Group_3.png

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e085396f14259508b9e8fd68f97b35ecd80ca1fa5759094c3f0c2fef43324493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16670014928280162921/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 09:43:57 GMT
x-content-type-options: nosniff
age: 62808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 09:43:57 GMT

GET
H3 200 Ellipse_1_1.png
s0.2mdn.net/sadbundle/16670014928280162921/ Frame 0B90 42 KB
42 KB 20ms
18ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16670014928280162921/Ellipse_1_1.png

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95adfbce20b8f852f86df6223fbd9f57cfa659ffdcae5f2ff95c524aaa2bc9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16670014928280162921/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 23:42:07 GMT
x-content-type-options: nosniff
age: 98918
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42986
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 23:42:07 GMT

GET
H3 200 Group-137-2x_2.jpg
s0.2mdn.net/sadbundle/16670014928280162921/ Frame 0B90 42 KB
42 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16670014928280162921/Group-137-2x_2.jpg

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

465e6e205d5624e2c26e9866efaf2a14c5dfcd02e623976755240251782ad54d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16670014928280162921/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:16 GMT
x-content-type-options: nosniff
age: 250709
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42723
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 05:32:16 GMT

GET
H3 200 Invisalign_Primary_NoR_REV.svg
s0.2mdn.net/sadbundle/16670014928280162921/ Frame 0B90 35 KB
25 KB 23ms
21ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16670014928280162921/Invisalign_Primary_NoR_REV.svg

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d1149945b7dc34659a57778ddef27ff34c57889fff8d865989baf38252ad1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16670014928280162921/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 04:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600559
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25834
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 29 Oct 2022 04:21:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 153B 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZmOCtKCEYZLSIoTf3wPujouQCgAAAAA4AeAEAg&bg=!KCulK2_NAAYH3anuB907ACkAdvg8WpfWym4lskF-8ubIEOWRk8bZCdpKlJhmNqy0n3RqkbQX5k9NPQIAAAH7UgAAACxoAQcKABpnv2nunTKT5Fm7iAPAFiiciQN7KUSRxBuDjpkDDC84n6N1r-ZNOTzPwGUNxzHuGezW-xvFravkVRzoMQHISprl2B4DhyM8qKhb1JygtyOGKImxyF-c6mb-tZRpaMLwlHMwHDG5zEsbBkT2d62hl0RKXPjLvjXWTkVZW0iPSwF8mNgw3aSsIrTGa0Nj_WV_vZ1SNMHSbheodT9L113ngYUZ8QT9HL427CbTRFLHtrNm42uyICs-T1f5yWFODvolxNrncyF9twCl537x1az_MZ4imEp6Oe0LxNkeAEPof5r4x-4VjasAHTNpYLWvZ25wFzL8eYwBACzhxnTNTsbwZJP1LTQhi6kpUCfEOTk-aXYQ71fA25Xj2mP02mst4vixfzPc8RKYN_kWev9pdzNxaDqi-3iiuWLnmwiiqXwiRCz8tKyK2JrlXWvp8zsB77c2B21L5nGWCv9Cc4R64WiSGEbPpJHQW_Zkoeul0x4nNog3sFudqXzVGD7n-cqpLnsurn56tfteyjHxBqT41Aj2dQN9F6rV882aqYlWoo9QiIgTfhwSMX-FDDdf0t1JJc9IuU2UOFAdi5Bu0M4N26VHXhR2EtkdJJTjOzGxNJd2BWvOXRELZUlbcfg6Vz60YsIfdbjIB7n6_5key3rJWvOb-1YB2IMPOqSO9do5HTRG2Y2VEEd60Pv4D6DOq-fOIOYI_4Oi1F6eTrepelRTN-M-hkZPp6AAIqLxGw5FrCg98iWJb884vuWXNOYWhCYkwTMWRx2WhFz8VxyJ7eLS6zvMNCRCjNxVgBx0q3Y0ERSutPTPVxfy0Hef_yjrRzzdNQ1fGCdq-sQ_zLYHY4DILdDgHsepju9bqIDX4VVzptcs25V9OG2V2aFooByDaPmeBdswNUZc61icFTs0HUqA4a6rph8NZVd5tmDODwIoS1qlZmVt0ZX-EWbk6nDi5lMLCyyWosqDJYF3Nspf67-1LbeMSqqPOpiwB2oHwQfF4qGkWOGOsgkO03dRUKbKg52vNovKY0rQoHjHPtmmhBVBKNQUbTQmho1rap7CPEY1T-GNUiG54JPyQzVoQ3lNIQ

Requested by

Host: d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
URL: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CFA1 43 B
215 B 99ms
98ms Image
image/gif 52.44.124.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=f6cec119-e6f4-effc-decd-8f353b4330a3&tv=%7Bc:t3HUhC,time:644,type:e,im:%7Bimprf:%7Bttecl:814,ecd:7,tsecr:44%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:644,n:296,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:261,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~728.90%5D%7D%7D,%7Bsl:o,t:296,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B347~0%5D,as:%5B347~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:341,fm:sNR6GG4+1111%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C15%7C16*.415630-45225567%7C161%7C1621%7C163%7C164%7C165,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.124.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-124-140.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CFA1 43 B
215 B 99ms
98ms Image
image/gif 52.44.124.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=f6cec119-e6f4-effc-decd-8f353b4330a3&tv=%7Bc:t3HUhR,pingTime:-10,time:659,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1636081845610%7C%7C1698fffd31173165fa6f125ed5724e1f%7C%7C9ceebc4ad83ababb94d4029b4dca4e66%7C%7Cde03de0a7f8291d78e717e2002765f71%7C%7C696b892fd3f2d45cc9d2e171671bad5c%7C%7C121a2feb54e7bc9802674d4db3b3bcca%7C%7C8103b1c0b739ece47bb14a8a27a382ad%7C%7C256720bfdf669edcd5c5546f8c10e11d%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.124.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-124-140.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A35 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bqu7BtKCEYdCiINaNgAe01r9oAAAAADgB4AQC&bg=!GRqlGl7NAAYH3anuB907ACkAdvg8WgHWh9jD2aeO1e6COvLCNBsXLFmE13n-9RRN6SfW57QtEW3dAgIAAAE7UgAAACZoAQeZAvyNC08dDWQy0JiuPm9t66IHBsEKkTXiz9ywVt29XP1pCjpyIBHzAxowQ0KpTdHjjom28FjI-RnPGRD7X5Jnq6vswWKTtBWFOUAgaAkpiRs1SS32pKH9a3Bt3Jl7wdQE2hpsZqXm-_582XQT8Y8QleMRYyyvZZX7Rcm80rCoiaxGNgtq6hE4p6kwK8WyiqhTJebbZyvLo_7GFa4qV9dZxUqY5523gvSfTfMhNEyrhUDnfmmB2FS3UawOQeWdIxoYmjxRIRjuYnwUJ8PPrDiV7CJ5RGhM5MwuEpQ1o4ipgFYLmZK5-M4rWKpxgApNNspX9g5TFxalGcBLWAw3Cf5alv2WowMEgw_ppxKDpRlDAGJDBN4rMLy0tMRZF596WUJCw4OkWDXNx_WMI-qh8MjEJexaGfDDV1IxjqvsSewJoUEXEeFLudiNp9xpz-8-d7GcHWTK8pOZ8G2-h3M7ZZI8rq1UUJmE92z8rUE-mpPHsJ6lxKFSiY-ln3-j9-x3jr0ILOzfIJtT5M_rIBqpJpdQhtM1N5K9DhrFq248EynBlpND6wY5LaFdD6EJ12KszQ2gtP62J45S8X-iayc6ijZoI_rtWC7WrcRFObsCh0G3t07P8rbVqeyrYVf3FBccF9cg-xGJfCvIV-rKguc3dWWBrw5NBr0k45FdcHq6heN6t2IplfhfDqZqE7hl-m3N86GyXCld_nN0sR_jJS8NrgVO495F_dV7FDY5yS_pvmEq-wz58neZsvWWZrL-rYaQzHr0K4fWEP7n1VPA0ZaiHFLeAfX5VVOMD0el57M7qfWa40c75jmUlsczKVpLK9p2z5QdH7XCC9iegrDuaAm4e6CmwmYzHGdrbC0SuRTHdqh_3eqg7iBC1oLgQx4QlbiDwzmr2o-tr9gj4fq8tv_uLkm41wCxmeuUMydAgrbBGWORh1R-5ck9YMYdW6Y3wC42IqJLQz3VfauKwti3yjBPi5VKLwlM1XS8DXvvTF8YjQHd7FtmTM61KGnCJ1C9XxqoGQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F62 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMyCUtKCEYYnVM-TE7_UPiN60oA8AAAAAOAHgBAI&bg=!XV6lXhrNAAYH3anuB907ACkAdvg8Ws6oeBIOScOeKI6L6WD2jwq9e9ALU4ZFpAdKgjfd-mQUgzm4LwIAAAD8UgAAAAtoAQcKAHUioH8LlkjhcNHBx5NfTS8FLqL2apMhn8ytslK0mPQEgM2ztEryZeH9aLfAlc_zYnf47xb-WE6bZROXyUOXcPd1B44LZYmK5QL6LA3y8gR6udq0cflKdkcpjJQe1DuEd0A0wO1GJ1UN5HjqLOz6ywtwLgqmH2SZAwpWpRthFH2fkLCs0D0SvT2R5hktG2WUEGk7t6Q2E7liSk0Q3tQ_er0npdvmujwpqvRXHvsKkH7qV7kD09tQqoTXlPwU5CbIfb4nLMkOi7SgcMQc-6sCS5yfT67GD8bWyXumVP4Dz1fX7THfwCD3PCAfds2ts6zhIceAEYOTfNBudtryGcBzMjRLFxJ5lWnHeZNptF3IgObUV3Q5kU7qJrxYmdZTLRX1i21tw0lvB8YtRY1F3HUFJw5V4fBKGTVZzvJkzoW5bnxd2xufP8q_i-Eul_K2I9ivQpuntWtnobQ3l15iYbau16HpB_UvXZ5_YTPXpHQTbLbEvfOsJU9R-5T8hBk714NhOKpEmI_2LJ6bHOX7ace_5wqB5vvRAVj1F26N18Ax6oqeZtWsAEbpjODy0Gk85f6Ad-XROG15KwN1H-ivmJXZAiVHZeghE-ki5ZIxnJ-X8qOQnonGe_OfazEwzrX2AUe579nkCb55WL--LxKaqcxxNGxyTHh5TQQlv8XLZ-AUcUovJWftjnxerjrzo35QkgnMiq-5uXkmXqv0V_bIUEb5DpYZ2anrjWrogf5X4wvZPw1WbKcZkZRsoJJOhcAv7Z-1c1HXMiL9INnJKYsQQi3A_jnahw6iE2GDo83N2gTpsaxEaMRvai7WiKheemzH8--UlAn8lzilIJ4xxWhqAqFagyd93n6I1W7dNl1YGtwiI9uImJMdXqJ2zHUSwHVPNPuFZnSt-MZLoNby61XtHqH8eGsrphq5wa-DKKRtHG0YYHjFYOY3Q1D9KSyTclVqtfkXNyIpdqh5su1xdvn7Tok2BOdmKt5jqw6UX4_6bbOIGdavLAeroYGI3ClwO6tNVJePLzjo_xS2GQcUeq2IbKeSP6Iz6q94PRToQwEnsqi-PBk0xIAcE7RKZvltGB8APHCyUkFfuCSdRiuHEv57Bisrl6plA-9rrOtVP-H1VUisrC5ZVUrIk-0yWIZgN4sLpwchEweDTTGWnAwqk9vwvddptff2HlIW2GieWHgabd8aP5ksb47b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
17ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=ssp.wrtv&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-au92djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-WC5uNxErYklCYg%3D%3D&sc=1&os=1-Lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wrtv.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=999788427589&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C6&zMoatpt=landing%2Cfalse&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wrtv.com%2F&id=1&ii=4&f=0&j=&t=1636081842968&de=741499513057&cu=1636081842968&m=2759&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=8089&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A908%3A908%3A1854%3A780&as=1&ag=1095&an=7&gi=1&gf=1095&gg=7&ix=1095&ic=1095&ez=1&ck=1095&kw=900&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1095&bx=7&ci=1095&jz=900&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=900&cd=13&ah=900&am=13&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=470498647&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 05 Nov 2021 03:10:45 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=ssp.wrtv&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-au92djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-WC5uNxErYklCYg%3D%3D&sc=1&os=1-Lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wrtv.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=999788427589&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C6&zMoatpt=landing%2Cfalse&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wrtv.com%2F&id=1&ii=4&f=0&j=&t=1636081842968&de=741499513057&cu=1636081842968&m=2760&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=8089&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A908%3A908%3A1854%3A780&as=1&ag=1095&an=1095&gi=1&gf=1095&gg=1095&ix=1095&ic=1095&ez=1&ck=1095&kw=900&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1095&bx=1095&ci=1095&jz=900&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=900&cd=900&ah=900&am=900&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=1014444743&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 05 Nov 2021 03:10:45 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=ssp.wrtv&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-au92djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-WC5uNxErYklCYg%3D%3D&sc=1&os=1-Lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wrtv.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=999788427589&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C6&zMoatpt=landing%2Cfalse&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wrtv.com%2F&id=1&ii=4&f=0&j=&t=1636081842968&de=741499513057&cu=1636081842968&m=2761&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=8089&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A908%3A908%3A1854%3A780&as=1&ag=1095&an=1095&gi=1&gf=1095&gg=1095&ix=1095&ic=1095&ez=1&ck=1095&kw=900&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1095&bx=1095&ci=1095&jz=900&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=900&cd=900&ah=900&am=900&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=1349277221&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 05 Nov 2021 03:10:45 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9BE7 42 B
64 B 51ms
30ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu88xzqHDEpryGOtU6bUpTWc8-AmikqZ5LSXxVrLvpT2Bkdr63YqzE4JVThqRvnRIux5ViiT86-Q4GsrLFHx5MgmJLSWyq_9aYMBZ-0ywAjifb9Yfvg5A&sai=AMfl-YS_0afRRpH7qGzgtDAPX5Tdt2HwqFOBHXhVP3rnUTDaTnDWDw9Wbrpih0g2MJr_6ePlRWMiUfR01oFPCm3ePxYwsUf6GNsqoRbr9PU9gt1c3dGvQQK8HxoXNec&sig=Cg0ArKJSzJgv4677Dd94EAE&cid=CAASEuRonuZcwrVFMajmaDpvjO7yuw&id=lidar2&mcvt=1000&p=1106,436,1196,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2443142646&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636081844114&rpt=651&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data
b100.s79.research.de.com/ Frame 9BE7 43 B
308 B 11ms
11ms Image
image/gif 178.63.107.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b100.s79.research.de.com/data?/eemAERYAATkzFARksFAQtjFcwJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.63.107.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h294.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:46 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Fri, 05-Nov-21 03:10:45 GMT

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 7FDB 70 B
265 B 110ms
34ms Document
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

2000248.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 2A2C
Redirect Chain

https://sync.serverbid.com/ss/2000248.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

4 KB
5 KB

75ms
9ms

Document
text/html

205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

Date: Fri, 05 Nov 2021 03:10:49 GMT
Connection: Keep-Alive
Cache-Control: max-age=48016
Content-Length: 4376
Content-Type: text/html
Last-Modified: Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges: bytes
etag: "8ca299ba400101b6642362a2bceff771"
x-amz-request-id: tx0000000000000206f8a14-0061840ac9-67dcc8f-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 13
x-rgw-object-type: Normal
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1636081849.dop239.fr8.t,1636081849.cds280.fr8.shn,1636081849.dop239.fr8.t,1636081849.cds267.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control: no-cache

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 3430 668 B
720 B 25ms
18ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: a31c751b0ef7619b3dea3585bb13184d3721a05958288bdf4f6df63d57407fc1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 05 Nov 2021 03:10:48 GMT
content-type: text/html
content-length: 420
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 06AA
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

8ms
8ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: e5fe4bfdc13b08bcb1f102edd51d21e453bb7acdf9b913ca5ff91177ee8a2959

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
content-type: text/html; charset=utf-8
content-length: 463
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Fri, 05 Nov 2021 03:10:48 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0D32 52 KB
17 KB 37ms
7ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 01 Nov 2021 05:06:57 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 05 Nov 2021 03:10:48 GMT
Age: 81543
X-Served-By: cache-lga21977-LGA, cache-hhn4031-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1200151
X-Timer: S1636081849.808980,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame F4BB 668 B
731 B 20ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: a31c751b0ef7619b3dea3585bb13184d3721a05958288bdf4f6df63d57407fc1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 05 Nov 2021 03:10:48 GMT
content-type: text/html
content-length: 420
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 900B 0
0 329ms
105ms Document
text/plain 67.202.105.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFmFVUByqr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-105.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

x-33x-status: 2000208
server: 33XP002
date: Fri, 05 Nov 2021 03:10:48 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 66FC 281 B
554 B 43ms
15ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Nov 2021 03:10:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

2000248.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 55AD
Redirect Chain

https://sync.serverbid.com/ss/2000248.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

4 KB
5 KB

76ms
9ms

Document
text/html

205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

Date: Fri, 05 Nov 2021 03:10:49 GMT
Connection: Keep-Alive
Cache-Control: max-age=48016
Content-Length: 4376
Content-Type: text/html
Last-Modified: Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges: bytes
etag: "8ca299ba400101b6642362a2bceff771"
x-amz-request-id: tx0000000000000206f8a14-0061840ac9-67dcc8f-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 13
x-rgw-object-type: Normal
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1636081849.dop239.fr8.t,1636081849.cds275.fr8.shn,1636081849.dop239.fr8.t,1636081849.cds267.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control: no-cache

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 2C1C
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

7ms
7ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: e5fe4bfdc13b08bcb1f102edd51d21e453bb7acdf9b913ca5ff91177ee8a2959

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
content-type: text/html; charset=utf-8
content-length: 463
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Fri, 05 Nov 2021 03:10:48 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A255 52 KB
17 KB 36ms
11ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 01 Nov 2021 05:06:57 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 05 Nov 2021 03:10:48 GMT
Age: 81543
X-Served-By: cache-lga21977-LGA, cache-hhn4034-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1204659
X-Timer: S1636081849.813670,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

usersync
rtb.gumgum.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=c4646e2e-1663-4bf9-866e-7621af67c874

35 B
237 B

46ms
36ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=c4646e2e-1663-4bf9-866e-7621af67c874
Protocol: H2
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=c4646e2e-1663-4bf9-866e-7621af67c874
date: Fri, 05 Nov 2021 03:10:48 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET

6.gif
id5-sync.com/c/441/19/4/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOFXSrW3ceimlZZx-U_pe_I5JE1do-t2vimdD6Fg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOFXSrW3ceimlZZx-U_pe_I5JE1do-t2vimdD6Fg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
https://id5-sync.com/cq/441/916/8/2.gif?puid=96310b6f-ccec-4bb2-8745-ddb576156aa4&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFXSrW3ceimlZZx-U_pe_I5JE1do-t2vimdD6Fg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
https://id5-sync.com/cq/441/124/7/3.gif?puid=96310b6f-ccec-4bb2-8745-ddb576156aa4&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/441/146/6/4.gif?puid=8a8cb146-efd1-42aa-9299-8ea49a963497&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPfHXVKDdV9zVE1c58C838Y&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2387150951497595618&opid=apx&ops=&utidl=tech:goo:CAESEPfHXVKDdV9zVE1c58C838Y&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A22246664957&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/19/4/6.gif?puid=f4c959eff063f7e52f462011b36c20bb&gdpr=1&gdpr_consent=

0
0

GET
H/1.1 200
OK data
b100.s79.research.de.com/ Frame 9BE7 43 B
308 B 11ms
11ms Image
image/gif 178.63.107.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b100.s79.research.de.com/data?/eemAFp7AAl2yFuvFfhFwpFTkzFARksFAQtjFOrRNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.63.107.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h294.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:48 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Fri, 05-Nov-21 03:10:47 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame F4BB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=97ea6184-a0b4-4300-a8de-838326059a79

43 B
106 B

17ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=97ea6184-a0b4-4300-a8de-838326059a79
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 05 Nov 2021 03:10:48 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x2 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=97ea6184-a0b4-4300-a8de-838326059a79
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 05 Nov 2021 03:10:47 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F4BB
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Glg8n01ZZpgBX2HIHggpz0heMc0BXmCbT1ypNooF

43 B
106 B

17ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Glg8n01ZZpgBX2HIHggpz0heMc0BXmCbT1ypNooF
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Glg8n01ZZpgBX2HIHggpz0heMc0BXmCbT1ypNooF
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame F4BB
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9105954489318236834

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9105954489318236834
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9105954489318236834
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame F4BB 70 B
264 B 126ms
125ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=210829b9-1e5d-3e5b-5a91-5ff2e14c76d4&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame F4BB 170 B
188 B 21ms
21ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGQ2N2ZhNzMtZDcyYS02MGZmLTRmNzEtMDU0YjJiYWViOGI0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F4BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLVp5VIPr7DcefRiH2929c&google_cver=1

43 B
106 B

18ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLVp5VIPr7DcefRiH2929c&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLVp5VIPr7DcefRiH2929c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 3430
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=97ea6184-a0b4-4300-a8de-838326059a79

43 B
106 B

17ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=97ea6184-a0b4-4300-a8de-838326059a79
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 05 Nov 2021 03:10:48 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=97ea6184-a0b4-4300-a8de-838326059a79
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 05 Nov 2021 03:10:47 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3430
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Glg8n01ZZpgBX2HIHggpz0heMc0BXmCbT1ypNooF

43 B
106 B

18ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Glg8n01ZZpgBX2HIHggpz0heMc0BXmCbT1ypNooF
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Glg8n01ZZpgBX2HIHggpz0heMc0BXmCbT1ypNooF
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 3430
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7453374732976846464

43 B
106 B

17ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7453374732976846464
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7453374732976846464
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 3430 70 B
264 B 33ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=210829b9-1e5d-3e5b-5a91-5ff2e14c76d4&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 3430 170 B
188 B 16ms
16ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGQ2N2ZhNzMtZDcyYS02MGZmLTRmNzEtMDU0YjJiYWViOGI0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3430
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLVp5VIPr7DcefRiH2929c&google_cver=1

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLVp5VIPr7DcefRiH2929c&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLVp5VIPr7DcefRiH2929c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2C1C 70 B
264 B 33ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 2C1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDHfGOahjLr_LHXYeLng5Jg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
353 B

8ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDHfGOahjLr_LHXYeLng5Jg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDHfGOahjLr_LHXYeLng5Jg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C1C
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwOTQ1ODg0Njg0MDU1MDQ0MDI%3D

170 B
188 B

20ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwOTQ1ODg0Njg0MDU1MDQ0MDI%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwOTQ1ODg0Njg0MDU1MDQ0MDI%3D
date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 2C1C 0
598 B 500ms
188ms Image
text/plain 2620:119:50e1:101::6cae:b25

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=15094588468405504402&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 -, , ASN (),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: bKTWCMaHtBawAK0NmCsAAA==

GET
H2

200

xuid
eb2.3lift.com/ Frame 2C1C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/15094588468405504402?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-q7Rf6TVE2oSKXWrIjDHitrp.Vpen9o9u7RJwMG7BFg--~A&dongle=0883

37 B
353 B

8ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-q7Rf6TVE2oSKXWrIjDHitrp.Vpen9o9u7RJwMG7BFg--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Fri, 05 Nov 2021 03:10:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-q7Rf6TVE2oSKXWrIjDHitrp.Vpen9o9u7RJwMG7BFg--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 2C1C 43 B
220 B 68ms
7ms Image
image/gif 18.157.198.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=15094588468405504402&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.198.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-198-157.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 2C1C 42 B
592 B 65ms
29ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=15094588468405504402&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
etag: "af5a8b34ac1d71:0"
last-modified: Thu, 14 Oct 2021 22:27:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6B649F0AA5E04806B44811E3205E121A Ref B: FRAEDGE1318 Ref C: 2021-11-05T03:10:48Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 2C1C
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=15094588468405504402
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15094588468405504402&dcc=t

0
0

102ms
102ms

Image
text/html

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15094588468405504402&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 16NNCGXNN6QE1FZVPEY5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15094588468405504402&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 2C1C
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

8ms
7ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 2C1C
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=3894433036581876719&dongle=d407

37 B
353 B

10ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=3894433036581876719&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=3894433036581876719&dongle=d407
pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 06AA 70 B
264 B 33ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 06AA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDHfGOahjLr_LHXYeLng5Jg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
353 B

12ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDHfGOahjLr_LHXYeLng5Jg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDHfGOahjLr_LHXYeLng5Jg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 06AA
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwOTQ1ODg0Njg0MDU1MDQ0MDI%3D

170 B
188 B

20ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwOTQ1ODg0Njg0MDU1MDQ0MDI%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwOTQ1ODg0Njg0MDU1MDQ0MDI%3D
date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 06AA 0
285 B 548ms
236ms Image
text/plain 2620:119:50e1:101::6cae:b25

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=15094588468405504402&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 -, , ASN (),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: 9pzyCMaHtBYAAIEhlysAAA==

GET
H2

200

xuid
eb2.3lift.com/ Frame 06AA
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/15094588468405504402?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-q7Rf6TVE2oSKXWrIjDHitrp.Vpen9o9u7RJwMG7BFg--~A&dongle=0883

37 B
353 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-q7Rf6TVE2oSKXWrIjDHitrp.Vpen9o9u7RJwMG7BFg--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Fri, 05 Nov 2021 03:10:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-q7Rf6TVE2oSKXWrIjDHitrp.Vpen9o9u7RJwMG7BFg--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 06AA 43 B
220 B 66ms
7ms Image
image/gif 18.157.198.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=15094588468405504402&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.198.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-198-157.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 06AA 42 B
260 B 64ms
30ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=15094588468405504402&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
etag: "af5a8b34ac1d71:0"
last-modified: Thu, 14 Oct 2021 22:27:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 653F9C1C276C4A28AFE3953A809EE1F2 Ref B: FRAEDGE1318 Ref C: 2021-11-05T03:10:48Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 06AA
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=15094588468405504402
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15094588468405504402&dcc=t

0
0

106ms
106ms

Image
text/html

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15094588468405504402&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AT4HYBMQF3FYW9MGV37Z
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15094588468405504402&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 06AA
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

7ms
7ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 06AA
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=3966490630619804655&dongle=d407

37 B
353 B

8ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=3966490630619804655&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=3966490630619804655&dongle=d407
pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 66FC 32 KB
10 KB 25ms
25ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3f05ae4278eca1b6aa4e143f137e4c5c78cf3c13b4f24e671096308f80c01b31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 21:03:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=56140
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Fri, 05 Nov 2021 18:46:28 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0D32 0
729 B 14ms
13ms Script
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:48 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7b74e50f-7a7e-4d65-bdb0-a9ad2518bed8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A255 0
729 B 13ms
13ms Script
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:48 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ced33f93-5a0d-41d2-8f37-d7c64c75b5fb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 66FC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=97ea6184-a0b4-4300-a8de-838326059a79&expires=28

0
239 B

10ms
8ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=97ea6184-a0b4-4300-a8de-838326059a79&expires=28
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Date: Fri, 05 Nov 2021 03:10:49 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=97ea6184-a0b4-4300-a8de-838326059a79&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 05 Nov 2021 03:10:48 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 66FC
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/Jr5NWdY_doQzv4D9iNgblQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6258419846873639008

0
239 B

9ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6258419846873639008
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

date: Fri, 05 Nov 2021 03:10:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6258419846873639008
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66FC
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZMU1ZYVUctWS0yOFcw

170 B
188 B

17ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZMU1ZYVUctWS0yOFcw

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZMU1ZYVUctWS0yOFcw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66FC
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2U0NGIxOGU2YTExZTE3OTUyYjE4YWRjZGZjNWNjZTQ2OTYzZDFlYw

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2U0NGIxOGU2YTExZTE3OTUyYjE4YWRjZGZjNWNjZTQ2OTYzZDFlYw

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2U0NGIxOGU2YTExZTE3OTUyYjE4YWRjZGZjNWNjZTQ2OTYzZDFlYw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 66FC 0
0 40ms
14ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 66FC 70 B
264 B 33ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 66FC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYSgtQAAAmVOSQAz

0
239 B

7ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYSgtQAAAmVOSQAz
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1636081849.014646,VS0,VE0
x-served-by: cache-hhn4058-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYSgtQAAAmVOSQAz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 66FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM_05ostvLIlRmwT5-naVLI&google_cver=1

0
239 B

8ms
8ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM_05ostvLIlRmwT5-naVLI&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM_05ostvLIlRmwT5-naVLI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame EFED
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

8ms
7ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Nov 2021 03:10:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Fri, 05 Nov 2021 03:10:49 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A4DB 14 KB
5 KB 65ms
18ms Document
text/html 2.18.233.180

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=52559
expires: Fri, 05 Nov 2021 17:46:48 GMT
date: Fri, 05 Nov 2021 03:10:49 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame DD44 995 B
1 KB 7ms
6ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 05 Nov 2021 03:10:49 GMT
Age: 15803185
X-Served-By: cache-lga21980-LGA, cache-hhn4034-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 194520, 176244
X-Timer: S1636081849.177677,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 2A2C
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=18d6a676-a7c2-0db2-311d-9fe76017b459

0
44 B

98ms
98ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=18d6a676-a7c2-0db2-311d-9fe76017b459
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
content-length: 0

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=18d6a676-a7c2-0db2-311d-9fe76017b459
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: qjflqvafh6c3ck9cbttk0behg043t0u5

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 2A2C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2387150951497595618

0
44 B

97ms
97ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2387150951497595618
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 73c55934-b07f-4ee2-a6e4-0c619feb8b93
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2387150951497595618
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 2A2C
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPf9f54b07-3de5-11ec-a5a4-066c1c3f3b86
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPf9f54b07-3de5-11ec-a5a4-066c1c3f3b86

0
44 B

97ms
97ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPf9f54b07-3de5-11ec-a5a4-066c1c3f3b86
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
content-length: 0

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPf9f54b07-3de5-11ec-a5a4-066c1c3f3b86
date: Fri, 05 Nov 2021 03:10:49 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 2A2C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYSgtDPFl2dHHW91wo.sdAAA%261144

0
44 B

97ms
97ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYSgtDPFl2dHHW91wo.sdAAA%261144
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYSgtDPFl2dHHW91wo.sdAAA%261144
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Fri, 05 Nov 2021 03:10:49 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 2A2C
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=283ab5d093028b1f1476b7dc

0
44 B

101ms
101ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=283ab5d093028b1f1476b7dc
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
content-length: 0

Redirect headers

Date: Fri, 05 Nov 2021 03:10:50 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=283ab5d093028b1f1476b7dc
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 2A2C 0
478 B 61ms
13ms Image
text/plain 178.162.133.149

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

403

ue1-sb1-c549adaf-1b21-4536-9708-cbda488d9288
p.adsymptotic.com/d/px/ Frame 2A2C
Redirect Chain

https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.39016335598050667%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
https://p.adsymptotic.com/d/px/ue1-sb1-c549adaf-1b21-4536-9708-cbda488d9288

0
0

529ms
36ms

Image
text/html

104.18.102.194

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/ue1-sb1-c549adaf-1b21-4536-9708-cbda488d9288
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 104.18.102.194 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

location: https://p.adsymptotic.com/d/px/ue1-sb1-c549adaf-1b21-4536-9708-cbda488d9288
cache-control: no-cache
content-length: 0

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 55AD
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=18d6a676-a7c2-0db2-311d-9fe76017b459

0
44 B

98ms
97ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=18d6a676-a7c2-0db2-311d-9fe76017b459
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
content-length: 0

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=18d6a676-a7c2-0db2-311d-9fe76017b459
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: ee8trs6db0q10a893dkcggdl2u9qss30

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 55AD
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2387150951497595618

0
44 B

97ms
97ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2387150951497595618
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 36f00382-9dd6-4eb4-9c2b-34bcea44e211
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2387150951497595618
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 55AD
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPf9f54b07-3de5-11ec-a5a4-066c1c3f3b86
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPf9f54b07-3de5-11ec-a5a4-066c1c3f3b86

0
44 B

97ms
97ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPf9f54b07-3de5-11ec-a5a4-066c1c3f3b86
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
content-length: 0

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPf9f54b07-3de5-11ec-a5a4-066c1c3f3b86
date: Fri, 05 Nov 2021 03:10:49 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 55AD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYSgtDPFl2dHHW91wo.sdAAA%261144

0
44 B

97ms
97ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYSgtDPFl2dHHW91wo.sdAAA%261144
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYSgtDPFl2dHHW91wo.sdAAA%261144
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Fri, 05 Nov 2021 03:10:49 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 55AD
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b88dceccf540e50fabec5cba

0
44 B

100ms
100ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b88dceccf540e50fabec5cba
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:50 GMT
content-length: 0

Redirect headers

Date: Fri, 05 Nov 2021 03:10:50 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b88dceccf540e50fabec5cba
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 55AD 0
474 B 62ms
14ms Image
text/plain 178.162.133.149

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame BFC5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

11ms
8ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Nov 2021 03:10:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Fri, 05 Nov 2021 03:10:49 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C574 14 KB
5 KB 60ms
19ms Document
text/html 2.18.233.180

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=52559
expires: Fri, 05 Nov 2021 17:46:48 GMT
date: Fri, 05 Nov 2021 03:10:49 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 5B37 995 B
1 KB 7ms
6ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 05 Nov 2021 03:10:49 GMT
Age: 15803185
X-Served-By: cache-lga21980-LGA, cache-hhn4031-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 194520, 153977
X-Timer: S1636081849.183447,VS0,VE0
Vary: Accept-Encoding

GET
H2

403

ue1-sb1-c549adaf-1b21-4536-9708-cbda488d9288
p.adsymptotic.com/d/px/ Frame 55AD
Redirect Chain

https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.9032885969389142%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
https://p.adsymptotic.com/d/px/ue1-sb1-c549adaf-1b21-4536-9708-cbda488d9288

0
0

524ms
36ms

Image
text/html

104.18.102.194

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/ue1-sb1-c549adaf-1b21-4536-9708-cbda488d9288
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 104.18.102.194 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

location: https://p.adsymptotic.com/d/px/ue1-sb1-c549adaf-1b21-4536-9708-cbda488d9288
cache-control: no-cache
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame DD44 0
729 B 42ms
13ms Script
text/html 185.33.223.38

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 09499e15-a3e5-4a5a-a244-acd88f42c4bf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 5B37 0
729 B 41ms
13ms Script
text/html 185.33.223.38

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 73cb43d6-f3da-4501-ae84-990a920eacaa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame EFED 32 KB
10 KB 9ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3f05ae4278eca1b6aa4e143f137e4c5c78cf3c13b4f24e671096308f80c01b31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 21:03:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=56139
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Fri, 05 Nov 2021 18:46:28 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BFC5 32 KB
10 KB 9ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3f05ae4278eca1b6aa4e143f137e4c5c78cf3c13b4f24e671096308f80c01b31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:10:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 21:03:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=56139
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Fri, 05 Nov 2021 18:46:28 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame EFED 0
239 B 733ms
95ms Image
image/gif 69.173.151.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.151.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 84e0f527cd81a00b0210e20b4ee7ed94
Content-Type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A4DB 5 KB
6 KB 13ms
13ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16342964&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: dbc76e7c6de4311c68299d1dcffd74af09abfb906c28cd6ff3bc6558a2157b2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 06DB 35 B
468 B 27ms
24ms Document
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=0E2FB96E-A800-46A0-9396-441CD19A0B8D

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 05 Nov 2021 03:10:49 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 543A
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3539097901260284538

42 B
210 B

18ms
18ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3539097901260284538
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 05 Nov 2021 03:10:49 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug018:0:405
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3539097901260284538
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame C733 43 B
334 B 58ms
17ms Document
image/gif 178.250.2.151

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Fri, 05 Nov 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 554830

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 373A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026918035043645590

42 B
210 B

19ms
18ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026918035043645590
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 05 Nov 2021 03:10:49 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug002:0:340
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Fri, 05 Nov 2021 03:10:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026918035043645590

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E181
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYSgtQAAAmVOSQAz&gdpr=0&gdpr_consent=

1 B
236 B

33ms
18ms

Document
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYSgtQAAAmVOSQAz&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 05 Nov 2021 03:10:49 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: lhrpug022:0:431
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYSgtQAAAmVOSQAz&gdpr=0&gdpr_consent=
accept-ranges: bytes
date: Fri, 05 Nov 2021 03:10:49 GMT
via: 1.1 varnish
x-served-by: cache-hhn4058-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1636081850.762002,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 91FE
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHdkRrN0RDVUVBQUJUdnc0QzBRUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGvDk7DCUEAABTvw4C0QQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...

43 B
163 B

67ms
20ms

Document
image/gif

185.86.137.133

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGvDk7DCUEAABTvw4C0QQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Fri, 05 Nov 2021 03:10:49 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGvDk7DCUEAABTvw4C0QQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5B79
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
88 B

18ms
18ms

Document
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 05 Nov 2021 03:10:49 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug016:2:281
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Fri, 05 Nov 2021 03:10:49 GMT
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0A4A
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7264695576
https://sync.1rx.io/usersync/tradedesk/5f06a4a5-a2ef-44da-b26e-a8a6d7046f8c
https://sync.targeting.unrulymedia.com/csync/RX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003

42 B
228 B

18ms
18ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 05 Nov 2021 03:10:49 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug009:0:395
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Fri, 05 Nov 2021 03:10:49 GMT
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003
etag: RX80ce4e999ca24a78affd99a12c42a1da003

GET
H2 404 dpe Show response
ad4m.at/ad/ Frame 866F 15 B
915 B 109ms
38ms Document
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a92e42978b840a5-CDG

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame F230 43 B
408 B 234ms
14ms Document
image/gif 72.251.241.206

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.206 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Fri, 05 Nov 2021 03:10:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-4
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET cm
green.erne.co/pubmatic/ Frame 06EB 0
0

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 9B6A 0
44 B 295ms
95ms Document
text/plain 38.91.45.7

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 -, , ASN (),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Fri, 05 Nov 2021 03:10:49 GMT
server: a

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 14F0
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=22908fd6-6ef7-4bb1-b23d-5c337aa03099-tuct87e2639&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
148 B

44ms
22ms

Document
text/plain

151.101.65.44

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=22908fd6-6ef7-4bb1-b23d-5c337aa03099-tuct87e2639&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Fri, 05 Nov 2021 03:10:49 GMT
via: 1.1 varnish
x-served-by: cache-hhn4054-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1636081850.885527,VS0,VE15
content-length: 0

Redirect headers

server: nginx
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=22908fd6-6ef7-4bb1-b23d-5c337aa03099-tuct87e2639&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Fri, 05 Nov 2021 03:10:49 GMT
via: 1.1 varnish
x-served-by: cache-mxp6972-MXP
x-cache: MISS
x-cache-hits: 0
x-timer: S1636081850.822626,VS0,VE29
x-vcl-time-ms: 29
content-length: 0

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame A007
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
425 B

228ms
209ms

Document
image/gif

2606:4700::6812:c05

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 05 Nov 2021 03:10:50 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a92e42adccb0f86-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Fri, 05 Nov 2021 03:10:50 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 702
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a92e4296b930f86-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 i.gif Show response
e.serverbid.com/udb/9969/sync/ Frame 8522 0
44 B 100ms
99ms Document
text/plain 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=0E2FB96E-A800-46A0-9396-441CD19A0B8D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Fri, 05 Nov 2021 03:10:49 GMT

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A4DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Di-5bqgARqCTlkQc0ZoLjQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

18ms
18ms

Image
text/html

2.18.233.180

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 2.18.233.180 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=52559
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Fri, 05 Nov 2021 17:46:48 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97ea6184-a0b4-4300-a8de-838326059a79

0
128 B

455ms
13ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97ea6184-a0b4-4300-a8de-838326059a79
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 05 Nov 2021 03:10:49 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97ea6184-a0b4-4300-a8de-838326059a79
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 05 Nov 2021 03:10:48 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A4DB
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=0E2FB96E-A800-46A0-9396-441CD19A0B8D
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f4c959eff063f7e52f462011b36c20bb
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=5f06a4a5-a2ef-44da-b26e-a8a6d7046f8c&icm
https://spl.zeotap.com/?zdid=1332&zcluid=2a80b3a5394d9976
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=da4e5cb6-93fd-4651-5f66-c0baea23f702&reqId=3f247cdd-4d12-49ca-4863-76ae27169992&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEKnZAtkOpyRZduOxTcp81jw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=da4e5cb6-93fd-4651-5f66-c0baea23f702&reqId=3f247cdd-4d12-49ca-4863-76a...

95 B
164 B

76ms
39ms

Image
image/png

2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEKnZAtkOpyRZduOxTcp81jw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=da4e5cb6-93fd-4651-5f66-c0baea23f702&reqId=3f247cdd-4d12-49ca-4863-76ae27169992&zcluid=2a80b3a5394d9976&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6a92e42b59c4f91f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEKnZAtkOpyRZduOxTcp81jw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=da4e5cb6-93fd-4651-5f66-c0baea23f702&reqId=3f247cdd-4d12-49ca-4863-76ae27169992&zcluid=2a80b3a5394d9976&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEUyRkI5NkUtQTgwMC00NkEwLTkzOTYtNDQxQ0QxOUEwQjhE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

464ms
19ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:374
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEJRZDcr1WWLCjy0OOFp9g0&google_cver=1

42 B
283 B

464ms
19ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEJRZDcr1WWLCjy0OOFp9g0&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:429
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEJRZDcr1WWLCjy0OOFp9g0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame A4DB 43 B
618 B 484ms
21ms Image
image/gif 169.50.137.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 04 Nov 2021 03:10:49 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:97ea6184-a0b4-4300-a8de-838326059a79&gdpr=0&gdpr_consent=

42 B
341 B

458ms
18ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:97ea6184-a0b4-4300-a8de-838326059a79&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:359
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 05 Nov 2021 03:10:49 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:97ea6184-a0b4-4300-a8de-838326059a79&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 05 Nov 2021 03:10:48 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5f06a4a5-a2ef-44da-b26e-a8a6d7046f8c

42 B
311 B

412ms
17ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5f06a4a5-a2ef-44da-b26e-a8a6d7046f8c
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:414
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5f06a4a5-a2ef-44da-b26e-a8a6d7046f8c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9105954489318236834

42 B
235 B

459ms
18ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9105954489318236834
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:438
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9105954489318236834
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2387150951497595618&gdpr=0&gdpr_consent=

42 B
520 B

465ms
19ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2387150951497595618&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:485
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f259879d-448c-40a7-ad77-58c0fad72ae8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2387150951497595618&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=35Ofh4iSxYDElMLQ28OK142VktXElcODipftnh-D

42 B
270 B

460ms
20ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=35Ofh4iSxYDElMLQ28OK142VktXElcODipftnh-D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:528
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=35Ofh4iSxYDElMLQ28OK142VktXElcODipftnh-D
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0E2FB96E-A800-46A0-9396-441CD19A0B8D&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1.jVIzxE2uUqv7jqWCgnHLArIkhkiWU-~A&gdpr=0&gdpr_consent=

0
260 B

463ms
13ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1.jVIzxE2uUqv7jqWCgnHLArIkhkiWU-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1.jVIzxE2uUqv7jqWCgnHLArIkhkiWU-~A&gdpr=0&gdpr_consent=
date: Fri, 05 Nov 2021 03:10:49 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 0E2FB96E-A800-46A0-9396-441CD19A0B8D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A4DB 43 B
872 B 37ms
35ms Image
image/gif 2a05:d018:d29:3605:92f1:d82:bf31:b250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/0E2FB96E-A800-46A0-9396-441CD19A0B8D?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:92f1:d82:bf31:b250 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=4bc927f8-e822-4db8-a24f-e8aeffe1865a
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=4bc927f8-e822-4db8-a24f-e8aeffe1865a
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ae13abf7-4784-4405-8aab-590cbd18837a&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4bc927f8-e822-4db8-a24f-e8aeffe1865a&gdpr=&gdpr_consent=&gdpr_pd=

1 B
180 B

18ms
18ms

Image
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4bc927f8-e822-4db8-a24f-e8aeffe1865a&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:471
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4bc927f8-e822-4db8-a24f-e8aeffe1865a&gdpr=&gdpr_consent=&gdpr_pd=
Date: Fri, 05 Nov 2021 03:10:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame A4DB 0
104 B 484ms
22ms Image
text/plain 2a02:fa8:8806:12::1400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0E2FB96E-A800-46A0-9396-441CD19A0B8D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3894433036581876719&gdpr=0&gdpr_consent=&us_privacy=

1 B
479 B

458ms
17ms

Image
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3894433036581876719&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:418
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3894433036581876719&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 05 Nov 2021 03:10:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
203 B

20ms
18ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:413
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:cd67ef16-2df2-4101-b7e9-29069d857701&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

20ms
18ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:cd67ef16-2df2-4101-b7e9-29069d857701&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:421
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:cd67ef16-2df2-4101-b7e9-29069d857701&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 05 Nov 2021 03:10:49 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2387150951497595618

42 B
110 B

18ms
18ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2387150951497595618
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:10:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:279
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 10e18694-ad2d-45b9-b077-7ff12f54d439
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2387150951497595618
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame A4DB 35 B
237 B 34ms
29ms Image
image/gif 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 25ms
22ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=ssp.wrtv&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-au92djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-WC5uNxErYklCYg%3D%3D&sc=1&os=1-Lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wrtv.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=999788427589&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C6&zMoatpt=landing%2Cfalse&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wrtv.com%2F&id=1&ii=4&f=0&j=&t=1636081842968&de=741499513057&cu=1636081842968&m=6779&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=8089&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A908%3A908%3A1854%3A780&as=1&ag=5115&an=1095&gi=1&gf=5115&gg=1095&ix=5115&ic=5115&ez=1&ck=1095&kw=900&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5115&bx=1095&ci=1095&jz=900&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4921&cd=900&ah=4921&am=900&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=158377111&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 05 Nov 2021 03:10:49 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0D32 0
729 B 13ms
13ms Script
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 13d04a75-8599-4b5a-9723-48adcb0d87d0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A255 0
729 B 13ms
13ms Script
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:49 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 09ef704e-6f76-4093-8438-0046afae2bf4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=ssp.wrtv&zMoatAdUnit2=home&zMoatAdUnit3=landing&wf=1&ra=3&pxm=3&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-au92djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-WC5uNxErYklCYg%3D%3D&sc=1&os=1-Lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wrtv.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=999788427589&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C7&zMoatpt=landing%2Cfalse&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1541.1875&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wrtv.com%2F&id=1&ii=4&f=0&j=&t=1636081842968&de=314310033065&cu=1636081842968&m=6981&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1541.1875&lb=8089&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A908%3A908%3A1854%3A780&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5108&cd=40&ah=5108&am=40&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A2053316181%3A115768603221&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=195402&na=200610529&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wrtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 03:10:49 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 05 Nov 2021 03:10:49 GMT

GET
H/1.1 200
OK data
b100.s79.research.de.com/ Frame 9BE7 43 B
308 B 11ms
11ms Image
image/gif 178.63.107.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b100.s79.research.de.com/data?/eemAGKOBATkzFARksFAQtjFwuJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.63.107.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h294.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 03:10:50 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Fri, 05-Nov-21 03:10:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.collective-media.net
URL: https://b.collective-media.net/seg/cm/o4vr?gtmcb=16997439

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Domain: id5-sync.com
URL: https://id5-sync.com/c/441/19/4/6.gif?puid=f4c959eff063f7e52f462011b36c20bb&gdpr=1&gdpr_consent=

Domain: green.erne.co
URL: https://green.erne.co/pubmatic/cm?

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 00:37:37	Name: sync Value: CgoIgQIQ56PP8M4vCgoI4gEQ56PP8M4vCgoI5gEQ56PP8M4vCgoIhwIQ56PP8M4vCgkICRDno8_wzi8KCQg6EOejz_DOLwoJCAsQ56PP8M4vCgoIjAIQ56PP8M4vCgoIzgEQ56PP8M4vCgkIXxDno8_wzi8=
.media.net/	1970-01-20 02:54:25	Name: gdpr_status Value: 1
.wrtv.com/	1970-01-20 00:37:37	Name: _gcl_au Value: 1.1.226850752.1636081843
.wrtv.com/	1970-01-19 22:28:03	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.wrtv.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1636081842941%2C%22slts%22:0}
.wrtv.com/	1970-01-20 07:57:25	Name: _parsely_visitor Value: {%22id%22:%22pid=7aad4a2448cb098579ee9f598b9f8817%22%2C%22session_count%22:1%2C%22last_session_ts%22:1636081842941}
www.wrtv.com/	1969-12-31 23:59:59	Name: mnet_session_depth Value: 1%7C1636081843086
.wrtv.com/	1970-01-20 15:59:13	Name: _ga Value: GA1.2.601809553.1636081843
.wrtv.com/	1970-01-19 22:29:28	Name: _gid Value: GA1.2.1970992711.1636081843
.scorecardresearch.com/	1970-01-20 15:44:49	Name: UID Value: 1CEQAMHS9D08BVLV6V1QMSg1636081843
.wrtv.com/	1970-01-19 22:28:01	Name: _gat Value: 1
.wrtv.com/	1970-01-19 22:28:01	Name: _gat_ScrippsEnterprise Value: 1
.pymx5.com/	1970-01-20 02:47:13	Name: _ia_uid Value: eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.1R72_cSfzW7NK1jyp0feRMNAkFhP7vBn1FYpsqH8lUjSnChnwKM_1g.mquA4U1H9TRLQu9a.Dtoc0RWxlaX9UwQaWJ_TmL21B7dBJ9ujVguNu3AukFo-UaFtioMUArDetfkGsv3-dn-faRCPdAcnAiSMynjTqlPoQhwfKmvDPmXryD8Te8Y0nsqUJPvLU1a_whsY_vf8zTvkZrY0lTF8fnO-Ijlgo8iAsxtWgudziNQwLlts3-WcsX5O3o3F_2KB2AtiWktanVQZl2P706huDN_9HNQrl7_D5T-rZq05kJ0-PPpJcaSHn8Vr8JZF0cgAhoK0PVBUUkd4c_JYRaf_ks-wAlX55XIhrb6v9-5dxDU1rBTG8q_IM6by7qXRhb842g10m12yB9Ecdkc9ekVZ2CGHjNh-GjF66XEzOivsvVkLGiuLYp8.ZLaIMGoYp9w42HPN5RUiEQ
.pymx5.com/	1970-01-20 02:47:13	Name: _ia_version Value: 2
.openx.net/	1970-01-20 07:13:37	Name: i Value: f2a416e0-b7da-01ac-0047-971a856b4529\|1636081843
.quantserve.com/	1970-01-20 07:58:16	Name: mc Value: 6184a0b3-6ec2a-dd75f-7d0c5
.wrtv.com/	1970-01-20 07:52:30	Name: __qca Value: P0-360651563-1636081843444
.gumgum.com/	1970-01-20 07:13:37	Name: cs Value: true
.gumgum.com/	1970-01-19 23:11:13	Name: loc Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdwXgciFy314eCa8DRCNeggGNMdmUvl3ZxGQskJGpgd1xIFt87TMBs-LTKtZrofXbc4
.gumgum.com/	1970-01-20 07:13:37	Name: vst Value: e_df693507-9a1b-4352-9de1-9e16bcdb3f5d
.adnxs.com/	1970-01-20 00:37:37	Name: icu Value: ChgIxIZ3EAoYASABKAEws8GSjAY4AUABSAEQs8GSjAYYAA..
.adnxs.com/	1970-01-20 00:37:37	Name: uuid2 Value: 2387150951497595618
.wrtv.com/	1970-01-20 00:37:37	Name: _fbp Value: fb.1.1636081843632.1974280706
.facebook.com/	1970-01-20 00:37:37	Name: fr Value: 0ZhgBuoN8jZdQxbgm..BhhKCz...1.0.BhhKCz.
e.serverbid.com/	1970-01-20 07:13:37	Name: azk Value: ue1-sb1-c549adaf-1b21-4536-9708-cbda488d9288
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f
.rubiconproject.com/	1970-01-20 07:13:37	Name: khaos Value: KVLSVXUG-Y-28W0
.rubiconproject.com/	1970-01-20 07:13:37	Name: audit Value: 1\|naVuGyos1qr6sKOCfPzGbLRHKV/Y9AOYB3Biw5iW/3pyPX3N2ttgR9rN4g3OX8ElaOHJflrURSNymPvo8pleP+vvlaCeciHL/R7Fz5/Qhm0=
.doubleclick.net/	1970-01-20 07:49:37	Name: IDE Value: AHWqTUkXUSyV-YvpwrN4KPpDNnhW3xFJ1PGA4nXNo8sYCQ-TUxGHUx4X-nl-yoNpx-U
.wrtv.com/	1970-01-20 07:49:37	Name: __gads Value: ID=61641bc521aa2807:T=1636081843:S=ALNI_Ma70h0zFkavmIWziuZ68HaDRM66sg
.casalemedia.com/	1970-01-20 07:13:37	Name: CMID Value: YYSgtDPFl2dHHW91wo.sdAAA
.casalemedia.com/	1970-01-20 00:37:37	Name: CMPS Value: 3219
.adnxs.com/	1970-01-20 00:37:37	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImIG%C%M!@wnfH8K6pQK`!5=E<*L5?%K3mbSFr^[YcbibcXe685'97]jj(@JJ#i<Rlq(%nugO%v4VB%nmED)vKA+
.casalemedia.com/	1970-01-20 00:37:37	Name: CMPRO Value: 1144
.casalemedia.com/	1970-01-19 22:29:28	Name: CMST Value: YYSgtGGEoLQA
.casalemedia.com/	1970-01-20 07:13:37	Name: CMRUM3 Value: 2d6184a0b42760CAESED2vy7qyhruMPVwNumjvrSs
.blismedia.com/	1970-01-20 07:13:41	Name: b Value: 6184A0B4498910C0E220BCD3BLIS
.w55c.net/	1970-01-20 07:56:49	Name: wfivefivec Value: Il9VfQGD1MIPCQ5
.1rx.io/	1970-01-20 07:13:37	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003%22%7D
.mathtag.com/	1970-01-20 07:53:57	Name: uuid Value: 97ea6184-a0b4-4300-a8de-838326059a79
.w55c.net/	1970-01-19 23:11:13	Name: matchgoogle Value: 5
.targeting.unrulymedia.com/	1970-01-20 07:13:37	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-80ce4e99-9ca2-4a78-affd-99a12c42a1da-003%22%7D
.pubmatic.com/	1970-01-19 22:29:28	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 00:37:37	Name: KADUSERCOOKIE Value: 0E2FB96E-A800-46A0-9396-441CD19A0B8D
.yahoo.com/	1970-01-20 07:13:59	Name: A3 Value: d=AQABBLWghGECEKCP-J0ZHl4MEtikJnati5wFEgEBAQHyhWGOYQAAAAAA_SMAAA&S=AQAAAt807Fqildbnm3RU7eEZIoY
.everesttech.net/	1970-01-20 07:13:37	Name: everest_g_v2 Value: g_surferid~YYSgtQAAAmVOSQAz
.openx.net/	1970-01-19 22:49:37	Name: pd Value: v2\|1636081848\|gekin0vNiygu
.3lift.com/	1970-01-20 00:37:37	Name: tluid Value: 15094588468405504402
.id5-sync.com/	1970-01-19 22:28:02	Name: cf Value:
.id5-sync.com/	1970-01-19 22:28:02	Name: cip Value:
.id5-sync.com/	1970-01-19 22:28:02	Name: cnac Value:
.id5-sync.com/	1970-01-19 22:28:02	Name: car Value:
.id5-sync.com/	1970-01-19 22:28:02	Name: gdpr Value:
.id5-sync.com/	1970-01-19 22:28:02	Name: id5 Value: d293cca7-74e8-423b-8781-678a07e3dde1#1636081839608#1
.id5-sync.com/	1970-01-19 22:28:02	Name: callback Value:
.quantserve.com/	1970-01-20 00:37:37	Name: d Value: EC8BDwHTJIEPisMA
.360yield.com/	1970-01-20 00:37:37	Name: tuuid_lu Value: 1636081848
.360yield.com/	1970-01-20 00:37:37	Name: tuuid Value: 96310b6f-ccec-4bb2-8745-ddb576156aa4
.adform.net/	1970-01-19 23:11:13	Name: C Value: 1
.bing.com/	1970-01-20 07:49:37	Name: MUID Value: 1EA65742DBA96E3E163247A4DA7B6FCD
.adform.net/	1970-01-19 23:54:25	Name: uid Value: 9105954489318236834
.turn.com/	1970-01-20 02:47:13	Name: uid Value: 3894433036581876719
.360yield.com/	1970-01-20 00:37:37	Name: um Value: !79,jWy3IcM3Amh646RooktzAqSRS5ETEeYpRuE4.Z4YbZD-byPtjCZzU2k05FIaxu7jnHL8q9X07INscUWU,1643857848!313,jWy3IX5hNkdc8vZDlx52anr24HTgPNsiY.XSAbIpOMIyPllikONl09R-6qK1os9e4QLFxDPfGvjGC5Bb,1643857848
.360yield.com/	1970-01-20 00:37:37	Name: umeh Value: !79,0,1698289848,-1!313,0,1698289848,-1
.mathtag.com/	1970-01-19 23:11:13	Name: mt_mop Value: 9:1636081849
ads.avct.cloud/	1970-01-20 07:13:37	Name: uuid Value: 8a8cb146-efd1-42aa-9299-8ea49a963497
.id5-sync.com/	1970-01-20 00:37:37	Name: 3pi Value: 146#1636081839980#-165224832\|916#1636081839738#-1601561391\|441#1636081839649#48\|124#1636081839782#-1601561391
.advertising.com/	1970-01-20 07:15:04	Name: APID Value: UPf9f54b07-3de5-11ec-a5a4-066c1c3f3b86

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.cookielaw.org/consent/000000/000000.json Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-6TGJ(Line 39) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-6TGJ(Line 39) Message: Unrecognized feature: 'conversion-measurement'.
security	warning	URL: https://www.wrtv.com/ Message: Mixed Content: The page at 'https://www.wrtv.com/' was loaded over HTTPS, but requested an insecure element 'http://b.collective-media.net/seg/cm/o4vr?gtmcb=16997439'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://b.collective-media.net/seg/cm/o4vr?gtmcb=16997439 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://assets.scrippsdigital.com/cms/images/color_schemes/wrtv/square--144.png Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKjXWpVHJkLdP7psTVMtsIUkchAJbpEb1kYfbJmahLJBf1IfEcxFwZpzeL7Ppc1aFoSWuKVQKIhqqO9jWdmvLMFGLDQnxI&google_hm=cjR5YWMyY0ZzZDlhSEtiZkVvYVdYcnJtbUJtUnpKVFlfeWF1bGJnRndQWQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://p.adsymptotic.com/d/px/ue1-sb1-c549adaf-1b21-4536-9708-cbda488d9288 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://p.adsymptotic.com/d/px/ue1-sb1-c549adaf-1b21-4536-9708-cbda488d9288 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id5-sync.com/c/441/19/4/6.gif?puid=f4c959eff063f7e52f462011b36c20bb&gdpr=1&gdpr_consent= Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4394967.fls.doubleclick.net
a.tribalfusion.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.ewscloud.com
api.pymx5.com
assets.scrippsdigital.com
b.collective-media.net
b100.s79.research.de.com
b1sync.zemanta.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.cookielaw.org
cdn.parsely.com
cdn5.userzoom.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csync.loopme.me
d5cf1469250bc8a0aa957423e94af1ff.safeframe.googlesyndication.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
ewscripps-d.openx.net
ewscripps.brightspotcdn.com
fastlane.rubiconproject.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
hblg.media.net
hbx.media.net
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mb.moatads.com
mwzeom.zeotap.com
p.adsymptotic.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
pymx5.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s79.mxcdn.net
s79.research.de.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sejs.moatads.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
stat.meetrics.net
static.adsafeprotected.com
static.ewscloud.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.serverbid.com
sync.targeting.unrulymedia.com
sync.teads.tv
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
web.hb.ad.cpe.dotomi.com
wrtv.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.wrtv.com
x.bidswitch.net
z.moatads.com
b.collective-media.net
cm.g.doubleclick.net
green.erne.co
id5-sync.com
104.111.242.245
104.18.102.194
13.248.245.213
13.32.121.21
13.32.121.32
134.209.129.254
134.209.131.220
142.250.102.156
142.250.184.194
142.250.185.194
142.250.186.134
146.59.148.16
148.251.84.39
151.101.129.108
151.101.194.49
151.101.65.44
162.55.6.212
169.50.137.182
178.162.133.149
178.250.2.151
178.62.202.251
178.63.107.139
18.157.198.157
18.159.21.129
18.184.229.226
18.198.220.83
18.66.100.58
18.66.112.109
18.66.112.23
18.66.122.56
185.29.134.248
185.33.221.89
185.33.223.38
185.64.190.80
185.86.137.133
198.47.127.19
198.47.127.20
2.18.233.180
2.18.233.67
2.18.234.21
2.18.235.40
2.18.235.93
2001:678:cb4:bbbb::11
205.185.216.42
209.197.3.16
209.54.176.128
213.155.156.184
213.19.147.44
23.37.42.132
2600:9000:223f:b000:1b:5138:8a40:93a1
2600:9000:223f:f800:8:48e:53c0:93a1
2600:9000:224a:5c00:6:44e3:f8c0:93a1
2600:9000:236e:d400:10:618e:d880:93a1
2602:803:c003:200::21
2606:4700:10::ac43:db6
2606:4700:20::681a:ad1
2606:4700:3031::ac43:d645
2606:4700::6810:9540
2606:4700::6812:c05
2620:119:50e1:101::6cae:b25
2620:1ec:c11::200
2a00:1450:4001:809::2004
2a00:1450:4001:809::2008
2a00:1450:4001:810::2006
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::200e
2a00:1450:400c:c06::9d
2a00:1450:4025:402::84
2a00:1450:4025:402::9b
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
2a02:fa8:8806:12::1400
2a02:fa8:8806:12::1460
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::300
2a05:d018:d29:3605:92f1:d82:bf31:b250
3.10.67.38
3.126.56.137
3.127.92.82
34.149.20.76
34.249.68.36
34.96.105.8
34.96.74.203
34.98.107.212
35.157.246.167
35.227.203.93
35.227.252.103
35.244.159.8
35.244.174.68
37.157.2.237
38.91.45.7
52.215.67.80
52.222.210.175
52.222.214.97
52.223.40.198
52.44.124.140
52.51.10.244
54.144.144.142
54.76.172.32
54.77.19.59
54.93.133.131
63.251.14.14
64.74.236.63
66.155.71.25
67.202.105.22
69.173.144.139
69.173.144.165
69.173.151.100
72.251.241.206
85.114.159.118
88.198.52.202
91.228.74.134
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
063fcf2d3504e33bf708d234b7b5cc5144ca74761645f9e3a2b3671be11b4c52
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b548bcd9e8592280fce318fbeb64b894589fe2892ca331cf449c80201cd294e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0c847b67ed4820d2e0acb1a4462da36069e06825a6083df46b54b4e7f4c2de
0ff30c727916819b4af43b6496baea6d056c41930de5e4d845df18e74fcdec07
101dc7f34320cbce5950b82377f76ea6c59b54797aa19628de9b346497e7aaf5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1323112ac126d2bc27da6f7e045a1f8d06a1dabaad2560ef8e8297cfc9379a2f
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24
13e7993286c9d94388488848f663400010af10a0ca5cfde38b8b0881fa6b6d04
140b58c06fdd8d86ca20a7eca26ae9ae1b72a937380cba39b711987930cd5e99
177e5f948cc82a4c47e8019cabe6588a2dbecc64436ba17d6b949e223ea0cd3f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1bc57e606d6ad5fd88d325ffe6d59e983dfdb5c9a3c16937c0e2f679501e6277
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c6170bba9d955d449e579b8bd5389307e4e80c7483c89220b3e809fdd72575e
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
238de8c6c1e688d3104efffdd6544be85d7e4848462573f6c2e4d8f3aa6e7405
2418c3c8e840534e1195fcad78b65a278a76696d2c745c387126d9a9acdf8759
2498b81bdfc16322af8b741ec7cc0e807b2106352c5aed05e9f9cec217587407
24d1eca2cdf9523d574152e4ebc006c6e2aefde295e42c09ec07304881af354c
27b9425e1ef516be0b86ff8a57898d9c36ffb195f8b09d0a99a9ef87b18432c5
2878c06eaa36809d2bf556a97ac803fa0870241e075817b5310e9b0410cc66d4
2bbe7f809fcc3e63c130ae2b3df37a41fc3f97b960a51ef590d1f2090491b122
2c485823563af366324daa7545d7eb9907eb4621a6adce9ad40e1023a5afeeb1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32322986a3b686254b0bd0a35a1feff3886eee67ef8812baf9a7a0185df71a63
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329aa836249733720be7e19c5bb2157567a4d552095ab6add694b5386aab89ff
33f9695dbc249bb9dbc3592edac7e629eaa2317ec8e46579ce19513f1860a6dc
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
37e9921f5adef76c836337480f19a92a0db12b090db1426cfa1460df71477e72
38b8be128d6bec260bf46332765126b601fcf1bcacd040a534c205904a845389
3cfd96c3b7a1cc0049b29f75a6408751b901e66bd2a2706285cc97d79aa2e74e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3daa5a737b17aaad97db57eb208a1abe30c08fff56ca279cd8bf4c390d8c7b21
3de434e6eb6771d323cfb65d49fc87b31956ac1875514cc73847c148738cfff5
3e72f6c9463b9472abed90e6ce582f906042ee5777cead3c13100f8bb29ede4f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f05ae4278eca1b6aa4e143f137e4c5c78cf3c13b4f24e671096308f80c01b31
3f0fcacd3f37427f065e042a6aa8ad2505cbdf295387a1371f1c8023f78d22ed
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79
44f435231f187f4ac97e0eee3a86356c8dec9b3481d6c5596bf66789e1b86d86
465e6e205d5624e2c26e9866efaf2a14c5dfcd02e623976755240251782ad54d
485ba6d2ae61daafb41e4292e89b612020270df70952ea23f75d151f36384621
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d791ed98864710ccf18afff9e36d5c2df43568f479a476c3ec534be302ff459
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
503cb5822ad9aff8296f27f9b4581beb083dd3fc1e3f7718e769da60cc2b3d31
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
52b255c86ae6d99ee7e166fb426b5bd737bd64c166bd7655a6ca995311ebe6f3
53d91fb2b51a3daa0645f78f71b29e695f42b0ac6db0d29f7fc7e5e38c3ffb7a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e634cdff978668d798a6f1e133be37e7c164d62f3a5ad4cf00617de6199d14
54f66b2c726c86056975e10ebc14fbe66b643214cc84d50f0d12b7db9698e9a2
550f761ba0cb70dcdc070ac4882b07938ff28b5c929b6fa9398adad8dbb481a4
586648b9de49457eab52c5a10a04d5c2c08732570b2839e7b9971b89b3656efc
5b155fb0f2cb0838d33f68171d2cc0561eaf3ed61e74b35a15e553720bed092a
5ba51c9b5c00b171e74d1ddffbff8c203722cd9f3e5e9f9be281b2ac147d9ec1
5bfeaba7747db79e42e95f4a2d6ec1fe8f7469853e3f02ccec7da2411dc3cafc
5f9c986bc677282c44182cc3bfd5b2813607b6b1fd23d6f8d6a9dda208bc480e
60776a7bb86055bba4957444d1485789c9c1253a97bf739262fd1f7fc37faed2
6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995
61e9dfd37f26ea074697ea04a94b7ab89e6a8f369fcbc566819d4829487d63ee
6250e7e7c6d6d72adbe9ab8b688ac1250d83f0796a131e76afbedae83616775b
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
65b04a24d55f9d8d3c632ad9420616ea4932bb3a3ebf20a6829adfbe66a7abd5
68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
69e58276a19e2d43470338491e1e7763a6b4a86ad7903eadb60118b6e86a3f41
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d1149945b7dc34659a57778ddef27ff34c57889fff8d865989baf38252ad1f2
715a4e5174940eb741273856be9cd6da8ffa530842d10b6713c4f54fa76cbb86
71cddfddb060a8f5e31dc12a421140d8c51f5bc2aaee694db88ec9f43d29b74d
72beb0dd878e65b76fcc6b1307c8dcd635b2407d93c746542ba145c3aae02a88
760144b690ee7570b72cf862a52ecf8678571ac6aecd431716c53a5e3f16d6dc
760a8b00e4f3370e3cfd72aa7c2bc34b67ad4ab2f3cabfaae940d280a5a76399
76512bbaf0cc095f7c67adbf9a349a81c9b33141ed643950fcdc5fc2ebcfe7cd
76cda8d31567864a9d065b134f3b6bb7a6566897e502c1a6d0fb4375f967ff25
791a3a7449870a956ba48d6bb19007c2eabb90cd7e55f6e93d97eca2b7e27919
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7971efe98b5f22df3b7e8ebaea3567d01626d0ea323e6c75f61db9ee92f767d5
79a48ca4e0e9b49e2cdf02fb8e1af695c0bcf48508d96aac0a9c0be160f99749
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e
79b628a883191c8130a3382f904e50f5d4210b2abaac6227162e6b1e07f6c593
7befcf8b8028debcdbeeed86c17c52b284d3530a35e08ce6845fbcff0bec5f5c
7cf89686a83932b96590f942f131f107965fde7ad08b3c7fdbba6c9af641bc22
8088f1d161a58af558862367e42cb9d6451ffb8bd973396ebed69da04d6188a7
80ae1976faf61789462b630ab8e5f7f3ec62dda4929579788b7c54129bdf892b
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8460a62315008ce0bdf05518585bcb432c037c67fb53b28b8542c8670aaeddfc
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
88e071a02a5adf92b172da587c1d4469a2984108aa6d90ab042f2887859d053e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b08a1ea47e0d95f87f369c64fae7bc49765ddcbd2836200757aefd5572b7e64
8ce0ab5a804abbab5e0e15fa77967b6561c556f37ec9dedd590b1100e9fc0a24
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8e730ee16a0db99b8f0575bea2e3ef0471019b00e2037fb0d367fbfbb5833248
8ea6cd9c53fbf12ca23803fbc243e351166ca35f12d3d4a00dd978a6000bd673
8ff003adee31acb3f7990c0e589466bf05d4f7570bd747b2380163173b7d7f92
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
92b1898dfaca91774710b1b658a19ed5db304cdf8f029cccfbfcac7b65b654bc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95adfbce20b8f852f86df6223fbd9f57cfa659ffdcae5f2ff95c524aaa2bc9cd
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
97c74d78f4f2ebb9045bd495787fcaa9ae9fd6d0d755b1a689a4e7874875e4e3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e20eb6cc267880b06f424fbf419634df65e2507e5257747c8d3642e539f8282
9e54df99fb4bf0d574f14d9b099f37aaa02823b1767f09505877fbae29f86daf
9e73f2f89081c70fd95c04342942dc33140323644a575ccc8ceb290f1aaf885a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a262609407cbb70bd44a89eda0853d7ba07d3f98880841fccd71c30238d2d255
a31c751b0ef7619b3dea3585bb13184d3721a05958288bdf4f6df63d57407fc1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
adfb421fb669d0bc6f5fda9035563b5b83c7e6d650a6c1e24282bd47c2b26fe8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16916d8b6df8c1acec5fe749e18006d6ac052af249367015f97c2db11dca359
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b24914259251d062eddc8f6e9e4c01ca30fad06e709d049c8dfcf119636d9357
b5a4ee93e1379a85fe56c16769e11eb203372c1a230a5150c7ae4f4f542147f5
b892a4f1538b1d989eeb5cf2e84c9dbbf191c6b2e2fa0db012c68c6b52f7166b
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf7f02da77004df544f9bca4a08409d1406f981cd7e96718f1cc4bf004fc6069
c5a90e8bf01ccadf59f8078428407bc084c98f22f0918f7d7c3483287083a775
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26
cb7d2c1252cba35c68a89362b1cf9a6242bbfa93cbd87b403fb49f57feb08ab1
cdb63d55a5fe9574b557864313b4926d91691568773d39d44c537d2988930faa
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
ced547787cfaa69b2cdc2082480a1b75be7afd19067879d38628cb0f97897831
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcf3066f6f44ee446d0ecf54cc497c774b8c37d6827d7af4d0da77ee5ab31d1
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
d63fa770adfd344ffffd30e315719e539d341a6f71d0d6ad6a5c312a85e95fed
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
d9317eccc74c9de7348ee6a5b965f04a6e1c4ea60d8f9edb79a0c33997bbf346
da4a85b624e7a71b4aa3827935dae699f7e8769e172ce18dc1ec395967863fbd
dbc76e7c6de4311c68299d1dcffd74af09abfb906c28cd6ff3bc6558a2157b2c
e085396f14259508b9e8fd68f97b35ecd80ca1fa5759094c3f0c2fef43324493
e0d9d93e3f8e572c6a1d8dbb0a11e5ab04df9363747d42929bf3dd17babc81a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3feb016374130f322d545f888f59bceb80667989dd11d9b5953f5cb1c04d1e0
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e5fe4bfdc13b08bcb1f102edd51d21e453bb7acdf9b913ca5ff91177ee8a2959
ed4df6238ca64b99aa06ef11cab960ba98cc5e85185836408c375dcde34380ff
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb
f33ddcfd3fe82be25a6acdfef8849c6af4317c9fb8fd37507df70747cec2fe46
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f3e24ac0b49f099ddbb00e219447f8d4aa4cd7021f38bd4c94c77747dc58ed2b
f465e6c5fafce95c55ae16e9323349b0e064e612a479cd34a3446229f695b694
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
fbbc45aee6c23f17d07220ede528f0216aaf05b2b6238d47038ab3f9f0a6b374
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe873ea96b8b3ad704c4d5cf4a6fc3422ba3664b58a993aa9ff33c05a61c3f91
feb49fae7fd245f703b2fbeb29c41f136a34ee8bccfa2cc7c8a5a6fbfa4439ce
ff0ea6ee4e4ee277f03a0df99cc1308500aaf0df8d9f3883ecb99f3d8944115e
ff82bb92f844829b285f937ba9b8cd3c168c702fe5190117593ed5cb05b78a24

www.wrtv.com Open in urlscan Pro 18.66.112.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

367 Requests

78 %HTTPS

28 %IPv6

85 Domains

137 Subdomains

92 IPs

9 Countries

6926 kBTransfer

11261 kBSize

67 Cookies

18 Outgoing links

Page URL History

Redirected requests

367 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.wrtv.com Open in urlscan Pro
18.66.112.109 Public Scan

Screenshot
Live screenshot

Full Image

367
Requests

78 %
HTTPS

28 %
IPv6

85
Domains

137
Subdomains

92
IPs

9
Countries

6926 kB
Transfer

11261 kB
Size

67
Cookies

367 HTTP transactions
3 data transactions