www.wxyz.com Open in urlscan Pro
18.66.112.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wxyz.com/
Effective URL:
https://www.wxyz.com/
Submission: On February 11 via manual (February 11th 2022, 4:06:38 pm UTC) from US — Scanned from DE

Summary HTTP 238 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 85 IPs in 9 countries across 74 domains to perform 238 HTTP transactions. The main IP is 18.66.112.109, located in United States and belongs to AMAZON-02, US. The main domain is www.wxyz.com. The Cisco Umbrella rank of the primary domain is 132210.
TLS certificate: Issued by Amazon on February 5th 2021. Valid for: a year.

This is the only time www.wxyz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	52.222.214.97 52.222.214.97	16509 (AMAZON-02) (AMAZON-02)
6	18.66.112.109 18.66.112.109	16509 (AMAZON-02) (AMAZON-02)
17	18.66.112.97 18.66.112.97	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223e:ac00:13:a391:88c0:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:5f80:a::... 2a03:5f80:a::b212:e7d1	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
3	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.122.58 18.66.122.58	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	35.190.74.157 35.190.74.157	15169 (GOOGLE) (GOOGLE)
4	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
2	104.107.160.24 104.107.160.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	2a03:5f80:a::... 2a03:5f80:a::b212:e7c0	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
7	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
2	13.32.121.95 13.32.121.95	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	35.227.203.93 35.227.203.93	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
1 3	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2600:9000:224... 2600:9000:2240:3c00:10:618e:d880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:5000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.96.74.203 34.96.74.203	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c03::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
5 9	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
2	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	18.202.206.42 18.202.206.42	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 6	165.227.252.242 165.227.252.242	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.28.154.195 52.28.154.195	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	18.66.139.122 18.66.139.122	16509 (AMAZON-02) (AMAZON-02)
2	18.185.214.32 18.185.214.32	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3030::6815:251b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	78.159.97.6 78.159.97.6	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
7 14	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4 6	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1 2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1	54.156.164.26 54.156.164.26	14618 (AMAZON-AES) (AMAZON-AES)
2 3	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	167.172.1.14 167.172.1.14	() ()
1	205.185.216.42 205.185.216.42	() ()
2 6	76.223.111.18 76.223.111.18	() ()
2	67.202.105.23 67.202.105.23	() ()
2	151.101.1.108 151.101.1.108	() ()
2	51.89.21.30 51.89.21.30	() ()
2	15.197.193.217 15.197.193.217	() ()
4	69.173.144.138 69.173.144.138	() ()
1 1	185.29.134.244 185.29.134.244	() ()
3 3	69.173.144.165 69.173.144.165	() ()
1	2a00:1288:80:... 2a00:1288:80:800::7000	() ()
2 3	2a05:d018:d29... 2a05:d018:d29:3601:b73:5e1d:a8b6:5551	() ()
2 2	151.101.194.49 151.101.194.49	() ()
1	35.244.174.68 35.244.174.68	() ()
1 1	34.102.163.6 34.102.163.6	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
1	2620:1ec:c11:... 2620:1ec:c11::200	() ()
1 2	52.46.154.242 52.46.154.242	() ()
1	18.194.224.200 18.194.224.200	() ()
1 1	64.74.236.127 64.74.236.127	() ()
2	2.18.233.180 2.18.233.180	() ()
1	35.227.252.103 35.227.252.103	() ()
2 2	18.196.139.111 18.196.139.111	() ()
1 1	3.126.56.137 3.126.56.137	() ()
1	72.251.249.9 72.251.249.9	() ()
1	104.18.99.194 104.18.99.194	() ()
1	198.47.127.19 198.47.127.19	() ()
1	178.250.2.151 178.250.2.151	() ()
1	162.55.120.196 162.55.120.196	() ()
1	195.5.165.20 195.5.165.20	() ()
1	2606:4700:20:... 2606:4700:20::ac43:4a81	() ()
1 1	188.165.137.78 188.165.137.78	() ()
6	185.64.189.110 185.64.189.110	() ()
1	169.50.137.184 169.50.137.184	() ()
238	85

2 52.222.214.97 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-97.fra56.r.cloudfront.net

wxyz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.112.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-109.fra56.r.cloudfront.net

www.wxyz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 18.66.112.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-97.fra56.r.cloudfront.net

ewscripps.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223e:ac00:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3plfjw9uod7ab.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:5f80:a::b212:e7d1 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-58.fra60.r.cloudfront.net

assets.scrippsdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.74.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 157.74.190.35.bc.googleusercontent.com

encouragingvase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-109-174.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.107.160.24 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-160-24.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

4394967.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:5f80:a::b212:e7c0 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-95.fra60.r.cloudfront.net

api.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com

pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:3c00:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.74.203 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 203.74.96.34.bc.googleusercontent.com

api.pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.33.220.241 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

ewscripps-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.206.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-206-42.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 165.227.252.242 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.154.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-154-195.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.139.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-122.fra60.r.cloudfront.net

videoads.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.214.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-214-32.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:251b (United States)

ASN13335 (CLOUDFLARENET, US)

analyticssystems.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.159.97.6 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com

servedbyadbutler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.164.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-164-26.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.40 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.172.1.14 (None, ) 1 redirects

ASN- ()

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (None, )

ASN- ()

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.18 (None, ) 2 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.23 (None, )

ASN- ()

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.21.30 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (None, ) 3 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (None, )

ASN- ()

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3601:b73:5e1d:a8b6:5551 (None, ) 2 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (None, )

ASN- ()

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (None, ) 1 redirects

ASN- ()

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (None, )

ASN- ()

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.154.242 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.224.200 (None, )

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.127 (None, ) 1 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (None, )

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.139.111 (None, ) 2 redirects

ASN- ()

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (None, ) 1 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (None, )

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.99.194 (None, )

ASN- ()

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.120.196 (None, )

ASN- ()

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (None, )

ASN- ()

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a81 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.137.78 (None, ) 1 redirects

ASN- ()

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.110 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	doubleclick.net 8 redirects 4394967.fls.doubleclick.net — Cisco Umbrella Rank: 44217 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	201 KB
19	googlesyndication.com 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	99 KB
17	brightspotcdn.com ewscripps.brightspotcdn.com — Cisco Umbrella Rank: 24541	5 MB
16	rubiconproject.com 4 redirects ads.rubiconproject.com — Cisco Umbrella Rank: 2508 fastlane.rubiconproject.com — Cisco Umbrella Rank: 436 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3614 eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com secure-assets.rubiconproject.com pixel-us-east.rubiconproject.com Failed	137 KB
11	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 210 acdn.adnxs.com secure.adnxs.com	26 KB
9	pubmatic.com ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com Failed image2.pubmatic.com Failed image4.pubmatic.com Failed	27 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	964 KB
8	wxyz.com 2 redirects wxyz.com — Cisco Umbrella Rank: 130436 www.wxyz.com — Cisco Umbrella Rank: 132210	422 KB
7	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 532 eb2.3lift.com	3 KB
7	serverbid.com 2 redirects e.serverbid.com — Cisco Umbrella Rank: 2568 sync.serverbid.com	1 KB
7	yahoo.com 3 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 654 ads.yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	4 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488 ssum-sec.casalemedia.com	5 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 263 s.amazon-adsystem.com	41 KB
5	ewscloud.com api.ewscloud.com — Cisco Umbrella Rank: 32618 static.ewscloud.com — Cisco Umbrella Rank: 43815 videoads.ewscloud.com — Cisco Umbrella Rank: 161265	301 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 399 p.typekit.net — Cisco Umbrella Rank: 510	52 KB
4	servedbyadbutler.com servedbyadbutler.com — Cisco Umbrella Rank: 12358	43 KB
4	33across.com ssc.33across.com — Cisco Umbrella Rank: 1312 ssc-cms.33across.com	476 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	197 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 59 analytics.google.com — Cisco Umbrella Rank: 861 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 529	2 KB
3	advertising.com 2 redirects sync.adaptv.advertising.com — Cisco Umbrella Rank: 13788 pixel.advertising.com	641 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	114 KB
3	openx.net ewscripps-d.openx.net — Cisco Umbrella Rank: 34550 u.openx.net rtb.openx.net	820 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	640 B
3	sitescout.com 1 redirects pixel.sitescout.com — Cisco Umbrella Rank: 2837 pixel-sync.sitescout.com — Cisco Umbrella Rank: 542	718 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 129	2 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 829 pixel.quantserve.com — Cisco Umbrella Rank: 374	11 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 9027 www.google.de — Cisco Umbrella Rank: 6342	1 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 800	132 KB
3	cloudfront.net d3plfjw9uod7ab.cloudfront.net	78 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	630 B
2	adsrvr.org match.adsrvr.org	529 B
2	id5-sync.com id5-sync.com	2 KB
2	analyticssystems.net analyticssystems.net — Cisco Umbrella Rank: 9722	900 B
2	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1367	2 KB
2	pymx5.com pymx5.com — Cisco Umbrella Rank: 26941 api.pymx5.com — Cisco Umbrella Rank: 28488	10 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2498 p1.parsely.com — Cisco Umbrella Rank: 1996	24 KB
2	media.net hbx.media.net — Cisco Umbrella Rank: 1292 hblg.media.net — Cisco Umbrella Rank: 1389	100 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	111 KB
2	scrippsdigital.com assets.scrippsdigital.com — Cisco Umbrella Rank: 32427	106 KB
2	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 443	8 KB
1	simpli.fi um.simpli.fi	612 B
1	erne.co 1 redirects green.erne.co	327 B
1	ad4m.at ad4m.at	877 B
1	iprom.net core.iprom.net	281 B
1	truffle.bid matching.truffle.bid
1	criteo.com dis.criteo.com	362 B
1	adsymptotic.com p.adsymptotic.com
1	lijit.com ap.lijit.com	277 B
1	zemanta.com 1 redirects b1sync.zemanta.com	301 B
1	bidswitch.net x.bidswitch.net	220 B
1	bing.com c.bing.com	592 B
1	linkedin.com px.ads.linkedin.com	703 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com	250 B
1	rlcdn.com id.rlcdn.com
1	mathtag.com 1 redirects sync.mathtag.com	656 B
1	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com	5 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2590	173 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 36433	511 B
1	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1974 pubmatic-match.dotomi.com Failed	484 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 770	1 KB
1	encouragingvase.com encouragingvase.com — Cisco Umbrella Rank: 35962
0	playground.xyz Failed ads.playground.xyz Failed
0	bidtheatre.com Failed match.adsby.bidtheatre.com Failed
0	mookie1.com Failed odr.mookie1.com Failed
0	crwdcntrl.net Failed sync.crwdcntrl.net Failed
0	adgrx.com Failed cm.adgrx.com Failed
0	1rx.io Failed sync.1rx.io Failed
0	tribalfusion.com Failed a.tribalfusion.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	sonobi.com Failed sync.go.sonobi.com Failed
0	netmng.com Failed google2waycm.netmng.com Failed
238	74

	Domain	Requested by
17	ewscripps.brightspotcdn.com	www.wxyz.com
14	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com eb2.3lift.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	s0.2mdn.net	www.wxyz.com 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com s0.2mdn.net
8	ib.adnxs.com	5 redirects ads.rubiconproject.com googleads.g.doubleclick.net acdn.adnxs.com
7	securepubads.g.doubleclick.net	www.wxyz.com securepubads.g.doubleclick.net www.googletagservices.com
6	image2.pubmatic.com	ads.pubmatic.com
6	eb2.3lift.com	2 redirects ads.rubiconproject.com eb2.3lift.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
6	e.serverbid.com	1 redirects ads.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com ads.pubmatic.com
6	www.wxyz.com	www.wxyz.com ewscripps.brightspotcdn.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	pixel.rubiconproject.com
4	eus.rubiconproject.com	ads.rubiconproject.com eus.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
4	servedbyadbutler.com	www.wxyz.com servedbyadbutler.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.wxyz.com
4	connect.facebook.net	www.wxyz.com connect.facebook.net
4	c.amazon-adsystem.com	www.wxyz.com c.amazon-adsystem.com
4	use.typekit.net	www.wxyz.com use.typekit.net
3	pr-bh.ybp.yahoo.com	2 redirects ads.pubmatic.com
3	token.rubiconproject.com	3 redirects
3	c1.adform.net	2 redirects ads.pubmatic.com
3	www.googletagservices.com	securepubads.g.doubleclick.net 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
3	www.facebook.com	www.wxyz.com
3	sb.scorecardresearch.com	1 redirects www.wxyz.com
3	use.fontawesome.com	www.wxyz.com use.fontawesome.com
3	d3plfjw9uod7ab.cloudfront.net	www.wxyz.com securepubads.g.doubleclick.net 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
2	pixel.advertising.com	2 redirects
2	ads.pubmatic.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com ads.pubmatic.com
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	sync-tm.everesttech.net	2 redirects
2	match.adsrvr.org	eb2.3lift.com
2	id5-sync.com
2	acdn.adnxs.com	ads.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2	ssc-cms.33across.com	ads.rubiconproject.com
2	googleads4.g.doubleclick.net	www.wxyz.com
2	pixel-sync.sitescout.com	1 redirects 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
2	googleads.g.doubleclick.net	33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
2	analyticssystems.net	www.wxyz.com 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
2	prebid-a.rubiconproject.com	ads.rubiconproject.com
2	videoads.ewscloud.com	securepubads.g.doubleclick.net
2	33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	pixel.quantserve.com	1 redirects www.wxyz.com
2	g2.gumgum.com	ads.rubiconproject.com
2	c2shb.ssp.yahoo.com	ads.rubiconproject.com
2	ssc.33across.com	ads.rubiconproject.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	api.ewscloud.com	ewscripps.brightspotcdn.com
2	adservice.google.de	adservice.google.com securepubads.g.doubleclick.net
2	adservice.google.com	4394967.fls.doubleclick.net securepubads.g.doubleclick.net
2	4394967.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	www.wxyz.com www.googletagmanager.com
2	assets.scrippsdigital.com	www.wxyz.com
2	cdn.cookielaw.org	www.wxyz.com cdn.cookielaw.org
2	wxyz.com	2 redirects
1	um.simpli.fi	ads.pubmatic.com
1	green.erne.co	1 redirects
1	ad4m.at	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	matching.truffle.bid	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	secure.adnxs.com	acdn.adnxs.com
1	p.adsymptotic.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	ap.lijit.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	ssum-sec.casalemedia.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	rtb.openx.net	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	secure-assets.rubiconproject.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	x.bidswitch.net	eb2.3lift.com
1	c.bing.com	eb2.3lift.com
1	px.ads.linkedin.com	eb2.3lift.com
1	ad.mrtnsvr.com	1 redirects
1	id.rlcdn.com
1	ads.yahoo.com
1	sync.mathtag.com	1 redirects
1	u.openx.net	ads.rubiconproject.com
1	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	ads.rubiconproject.com
1	sync.serverbid.com	1 redirects
1	sync.adaptv.advertising.com	33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
1	tr.blismedia.com	33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	www.google.com	tpc.googlesyndication.com
1	tlx.3lift.com	ads.rubiconproject.com
1	fastlane.rubiconproject.com	ads.rubiconproject.com
1	web.hb.ad.cpe.dotomi.com	ads.rubiconproject.com
1	ewscripps-d.openx.net	ads.rubiconproject.com
1	p1.parsely.com	www.wxyz.com
1	www.google.de	www.wxyz.com
1	analytics.google.com	www.googletagmanager.com
1	api.pymx5.com	pymx5.com
1	rules.quantcount.com	secure.quantserve.com
1	static.ewscloud.com	www.wxyz.com
1	hblg.media.net	www.wxyz.com
1	pixel.sitescout.com	www.wxyz.com
1	secure.quantserve.com	www.wxyz.com
1	pymx5.com	www.googletagmanager.com
1	cdn.parsely.com	www.wxyz.com
1	p.typekit.net	use.typekit.net
1	ads.rubiconproject.com	www.wxyz.com
1	hbx.media.net	www.wxyz.com
1	encouragingvase.com	www.wxyz.com
0	ads.playground.xyz Failed	ads.pubmatic.com
0	match.adsby.bidtheatre.com Failed	ads.pubmatic.com
0	pubmatic-match.dotomi.com Failed	ads.pubmatic.com
0	odr.mookie1.com Failed	ads.pubmatic.com
0	sync.crwdcntrl.net Failed	ads.pubmatic.com
0	image4.pubmatic.com Failed	ads.pubmatic.com
0	cm.adgrx.com Failed	ads.pubmatic.com
0	sync.1rx.io Failed	ads.pubmatic.com
0	a.tribalfusion.com Failed	ads.pubmatic.com
0	match.prod.bidr.io Failed	ads.pubmatic.com
0	sync.srv.stackadapt.com Failed	ads.pubmatic.com
0	simage2.pubmatic.com Failed	ads.pubmatic.com
0	pixel-us-east.rubiconproject.com Failed	eus.rubiconproject.com
0	sync.go.sonobi.com Failed	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
0	google2waycm.netmng.com Failed	33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
238	118

This site contains links to these domains. Also see Links.

Domain
chevydetroit.com
reviews.wxyz.com
www.scripps.com
www.laff.com
scripps.wd5.myworkdayjobs.com
www.dontwasteyourmoney.com
support.wxyz.com
assets.scrippsdigital.com
scripps.com
publicfiles.fcc.gov
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
*.scrippsnationalnews.com Amazon	`2021-02-05` - `2022-03-06`	a year	crt.sh
ewscripps.brightspotcdn.com Amazon	`2021-05-30` - `2022-06-28`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.scrippsdigital.com Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
encouragingvase.com R3	`2022-01-01` - `2022-04-01`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.ewscloud.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-19` - `2022-09-19`	a year	crt.sh
*.pymx5.com Go Daddy Secure Certificate Authority - G2	`2021-09-12` - `2022-09-10`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2022-01-23` - `2022-04-23`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
e.serverbid.com R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.analyticssystems.net E1	`2022-02-05` - `2022-05-06`	3 months	crt.sh
servedbyadbutler.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-01-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-12-23` - `2022-03-23`	3 months	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2021-12-06` - `2022-06-06`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
truffle.bid R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
*.iprom.net R3	`2021-12-29` - `2022-03-29`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh

This page contains 42 frames:

Primary Page: https://www.wxyz.com/
Frame ID: 81E601F1489F14B3520D20557D933991
Requests: 97 HTTP requests in this frame

Frame: https://4394967.fls.doubleclick.net/activityi;dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more;~oref=https%3A%2F%2Fwww.wxyz.com%2F
Frame ID: 975BE72223C36F26BDE7E0DFDDE90559
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more;~oref=https%3A%2F%2Fwww.wxyz.com%2F
Frame ID: 98F87599054AE7D571E4F6A4801016D9
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more;~oref=https%3A%2F%2Fwww.wxyz.com%2F
Frame ID: D0457D72585D5A4E1383033C5D52C760
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 27FC35273D10C3230AF882086D2B78E2
Requests: 1 HTTP requests in this frame

Frame: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A60A4580506BD55C3E707D871D615029
Requests: 1 HTTP requests in this frame

Frame: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CD494CE38DD6C8C46D62D043DE884C91
Requests: 17 HTTP requests in this frame

Frame: https://videoads.ewscloud.com/agency/retention/wallpaper/js/scripps_wallpaper_driver_v3.js
Frame ID: 2A43B4664676A8A6677054A9B386077A
Requests: 4 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Frame ID: 5E2AB96B74ED9FBC94911D9DAEC9F970
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 681267BE8517D09D23F19E1DBB079F3A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5CB0FCEDFE6CCEABC9A6C81D283E02F9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNV7ZUE8naOlWLNpN7tbYIYlW_DhH3GRXEvTTU5h9Lsi2ksYH4c7SHDdwJakA1prKviFwRGoUBkTr6gdfVwwdyQJaiPwDg1plr9yXKBZzsdEBSqndS8ohVsNm0O99Ik_lmr2tcMD56a7o_baJ_C2dzfURd5vd6H_tpaqZJHhe02an1AsPJY
Frame ID: E4ACA734FE92C5684279C8F4BE8B56F8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 062301D7B510E33673F4B94C5968A053
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7630602A309329CF987F88638C334982
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
Frame ID: 4284CC3E1BE8F45F536FAEEBB57777D7
Requests: 7 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: 26F338F1EC6A6C004440C061E74743FA
Requests: 8 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 59623220BA78F2A7529F347175129CD9
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: CFF4839520EECFBE0E0FEF3BF5C2E040
Requests: 11 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d9YbK4Bymr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 5254A15FE2B8EB2B8FC38358F8281166
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2851F003B18D526705FE77131F38B8DD
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5D16E04A62B66AE9CABD2B7B9F240B75
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d6EtcQBymr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 7F5AB7029970E709F7F3E861F0EEEC53
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 43D1244A2068EBB560C578618E357365
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: 3B9BABDA75194FA16116B25C2E5924A6
Requests: 20 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 53F8BB4D3E22904C6558F39A049BDA1F
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=785289FF-4DC7-4F0D-A2D4-3D0A4682189A
Frame ID: 818B527B651F4E7FDFF7523DD64307C2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:951e6206-898d-4700-bdbf-c847d066ea98&gdpr=0&gdpr_consent=
Frame ID: 4B351E48B7E91FBC42F576FD9690B6C6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2183734418379314449
Frame ID: 03ED6EF89CBAC1CD036B4AD05BAAA239
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 97E00CD320F7DE695ECCE5505215509D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7063484308557199505
Frame ID: 79FB68373B363E6C92FD2479BD218C7C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgaJjQAFZEFxewAy&gdpr=0&gdpr_consent=
Frame ID: FCFE92FEA38663FE67BEAAA42639016B
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11
Frame ID: 1560A58E10036B8C66FE253A9BCF785D
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Frame ID: 3858118A72CD0B6683E62A26328E910A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 6097C1D630C5523ACC7B3FC2F92AEEE8
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 1CC2878319FEFF2D6741D9BBC5207B8A
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6A5F279E19D7A46750FE8ACBE3519C88
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 81C3DC21C529D5A9062FFC90BDAE5B76
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 5404F654D035F6CAE52A1E8249D29F64
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rBbFHYbiC4U6mQ5hhwV4YTjG
Frame ID: 0D528D96A830A8E8B4C2B6A4BD055692
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync/tradedesk/f4d6283b-b80b-419b-97e5-a7becc9fb8c5
Frame ID: 57054D8AB3FA4ED2D5F31A3D5395ABAE
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 25E16E9B6F3475B11137CF6008A32819
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=785289FF-4DC7-4F0D-A2D4-3D0A4682189A
Frame ID: 99B444F3F15485D56510F65559991FCC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WXYZ Channel 7: Detroit news, weather, traffic and more

Page URL History Show full URLs

http://wxyz.com/ HTTP 301
https://wxyz.com/ HTTP 301
https://www.wxyz.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

238
Requests

77 %
HTTPS

33 %
IPv6

74
Domains

118
Subdomains

85
IPs

9
Countries

8252 kB
Transfer

12101 kB
Size

35
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://chevydetroit.com/in-the-d?utm_source=WXYZ&utm_medium=Nav-ITD&utm_campaign=WXYZ-WS-Story
Title: In the D

Search URL Search Domain Scan URL

URL: https://reviews.wxyz.com/
Title: Buying Guide

Search URL Search Domain Scan URL

URL: http://www.scripps.com/careers/find-a-job
Title: Station Jobs

Search URL Search Domain Scan URL

URL: https://www.laff.com/
Title: Laff - Channel 7.3

Search URL Search Domain Scan URL

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers
Title: Careers Search

Search URL Search Domain Scan URL

URL: https://www.dontwasteyourmoney.com/
Title: Don't Waste Your Money

Search URL Search Domain Scan URL

URL: http://support.wxyz.com/support/home
Title: Support

Search URL Search Domain Scan URL

URL: https://assets.scrippsdigital.com/docs/journalism-ethics-guidelines.pdf
Title: Journalism Ethics Guidelines

Search URL Search Domain Scan URL

URL: https://scripps.com/careers/find-a-job/
Title: Careers

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WXYZ-TV
Title: FCC Public File

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wxyzdetroit
Title: wxyzdetroit

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wxyzdetroit/
Title: wxyzdetroit

Search URL Search Domain Scan URL

URL: https://twitter.com/wxyzdetroit
Title: wxyzdetroit

Search URL Search Domain Scan URL

URL: https://scripps.com/our-brands/local-media/
Title: Scripps Local Media

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wxyz.com/ HTTP 301
https://wxyz.com/ HTTP 301
https://www.wxyz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more;~oref=https%3A%2F%2Fwww.wxyz.com%2F HTTP 302
https://4394967.fls.doubleclick.net/activityi;dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more;~oref=https%3A%2F%2Fwww.wxyz.com%2F

Request Chain 63

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1644595591193&ns_c=UTF-8&cv=3.5&c8=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more&c7=https%3A%2F%2Fwww.wxyz.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1644595591193&ns_c=UTF-8&cv=3.5&c8=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more&c7=https%3A%2F%2Fwww.wxyz.com%2F&c9=

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIFkwz8NDYrAcreyjBlvUTQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIFkwz8NDYrAcreyjBlvUTQ&google_cver=1&C=1

Request Chain 128

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgaJichptJx6.-zV-ky1pgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIFkwz8NDYrAcreyjBlvUTQ&google_cver=1&google_hm=2

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMu8TmKn0gK3qFJThzwhL6E&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMu8TmKn0gK3qFJThzwhL6E%26google_cver%3D1

Request Chain 130

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzExMTQzOTc5NDg0MDU5NjU4NQ%3D%3D

Request Chain 144

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBV0Fb60t0V_JXb8gqsqvpU&google_cver=1&google_push=AYg5qPLVWTmFzo8-NAgsixyzNK9wKrIl1iAwEGBlkCkFzsRahUgEVi0q5Os5Bmu7nMeNHFDtT_zoig8HY_Og9D7FOBbWRAH1jms HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLVWTmFzo8-NAgsixyzNK9wKrIl1iAwEGBlkCkFzsRahUgEVi0q5Os5Bmu7nMeNHFDtT_zoig8HY_Og9D7FOBbWRAH1jms&google_hm=n5LTamLhTZ-xjLTcVqKQtwU

Request Chain 148

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOPCmcweOa7Aadncryh9y04&google_cver=1&google_push=AYg5qPLZ14W7_L6BDBSZuRlJmLv7qlCAmSMqZHsn1IF4-DK6sNIchAXK3nBDsP3WXLJXlZX4l9sU-bwkcbywfQL1K_jf_vQZfco HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOPCmcweOa7Aadncryh9y04&google_cver=1&google_push=AYg5qPLZ14W7_L6BDBSZuRlJmLv7qlCAmSMqZHsn1IF4-DK6sNIchAXK3nBDsP3WXLJXlZX4l9sU-bwkcbywfQL1K_jf_vQZfco HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE0NDc0MTQ4MTA1OTUzNTMzOQ&google_push=AYg5qPLZ14W7_L6BDBSZuRlJmLv7qlCAmSMqZHsn1IF4-DK6sNIchAXK3nBDsP3WXLJXlZX4l9sU-bwkcbywfQL1K_jf_vQZfco

Request Chain 162

https://sync.serverbid.com/ss/2000248.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Request Chain 164

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELo6hJ79EtOvbNnpAghknVk&google_cver=1

Request Chain 175

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=951e6206-898d-4700-bdbf-c847d066ea98

Request Chain 176

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZILR44S-8-MAGK&sigv=1&esig=2~48f5d65f5e948708bb174eb136906fc176c791f3

Request Chain 177

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/uJJotu0YAqtzGG_bPZXNpw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7265893088205772743

Request Chain 178

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YgaJjQAFZEFxewAy HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgaJjQAFZEFxewAy&_test=YgaJjQAFZEFxewAy

Request Chain 179

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pJTFI0NFMtOC1NQUdL

Request Chain 182

https://ad.mrtnsvr.com/sync/triplelift HTTP 302
https://eb2.3lift.com/xuidmid=7976&xuid=wOL_seN4M&dongle=u6nf

Request Chain 184

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgxMjQyNjY2MTY3NjM5MzE3NjczOA%3D%3D

Request Chain 186

https://pr-bh.ybp.yahoo.com/sync/triplelift/2812426661676393176738?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-jBYf4F5E2oTj9gUdjYvnHxpJudlASDCoWQ0g4KWIHg--~A&dongle=0883

Request Chain 188

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2812426661676393176738 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2812426661676393176738&dcc=t

Request Chain 190

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 191

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 195

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7111439794840596585

Request Chain 196

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP979f83e1-8b54-11ec-8b7a-02b27134b580 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP979f83e1-8b54-11ec-8b7a-02b27134b580

Request Chain 197

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YgaJichptJx6.-zV-ky1pgAA%261105

Request Chain 200

https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.9632533500153251%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid= HTTP 302
https://p.adsymptotic.com/d/px/ue1-sb1-e22f9239-15da-49ab-bc10-9cd817694288

Request Chain 206

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:951e6206-898d-4700-bdbf-c847d066ea98&gdpr=0&gdpr_consent=

Request Chain 207

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2183734418379314449

Request Chain 209

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7063484308557199505

Request Chain 210

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgaJjQAFZEFxewAy&gdpr=0&gdpr_consent=

Request Chain 212

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1

Request Chain 213

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 218

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rBbFHYbiC4U6mQ5hhwV4YTjG

Request Chain 219

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1644595598140 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8821062739 HTTP 302
https://sync.1rx.io/usersync/tradedesk/f4d6283b-b80b-419b-97e5-a7becc9fb8c5

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eFKJ_03HTw2i1D0KRoIYmg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 223

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=951e6206-898d-4700-bdbf-c847d066ea98

Request Chain 224

https://pixel.onaudience.com/?partner=214&mapped=785289FF-4DC7-4F0D-A2D4-3D0A4682189A HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzg1Mjg5RkYtNERDNy00RjBELUEyRDQtM0QwQTQ2ODIxODlB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMli4k7vustTUQu62slOGlg&google_cver=1

Request Chain 228

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1144741481059535339

Request Chain 229

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f4d6283b-b80b-419b-97e5-a7becc9fb8c5

Request Chain 230

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7111439794840596585&gdpr=0&gdpr_consent=

Request Chain 231

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VIRZiFqPUYlPj1vdUoZE31CED49PjwyKVoCQoQ1N

Request Chain 233

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=785289FF-4DC7-4F0D-A2D4-3D0A4682189A&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4hKSvu1E2uVJHxc80tx0E7hAK.aZ9yA-~A&gdpr=0&gdpr_consent=

Request Chain 234

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=098cf55b-3b5e-4871-ad67-90752b33669b&ssp=pubmatic&gdpr=0&gdpr_consent=

Request Chain 235

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3092879072035206203&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 238

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

238 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.wxyz.com/
Redirect Chain

http://wxyz.com/
https://wxyz.com/
https://www.wxyz.com/

358 KB
78 KB

631ms
60ms

Document
text/html

18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: 44f8df585c00989ebcd87d33a7ee4a71f3ea2492a1cdcb59099e91884932e28c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=240
Content-Encoding: gzip
Date: Fri, 11 Feb 2022 16:03:23 GMT
Server: N/A
X-Powered-By: Brightspot
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P5
X-Amz-Cf-Id: rAraCqOZwtLY0_9Yu-_-WfYnFabsBQp6q7Y8ciljGwV_6JeHxnNacw==
Age: 186

Redirect headers

Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=240
Date: Fri, 11 Feb 2022 16:06:28 GMT
Location: https://www.wxyz.com/
Server: N/A
X-Cache: Miss from cloudfront
Via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
X-Amz-Cf-Id: enbmT4BTFUxR1T2Zy330E2PRPCO2Z0junJiI1-4cXWdMcVWq6KSXwg==

GET
H/1.1 200
OK All.min.7623cd6846ce2cc26a6b9a0486d3ed0e.gz.css
ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/ 116 KB
22 KB 122ms
22ms Stylesheet
text/css 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.7623cd6846ce2cc26a6b9a0486d3ed0e.gz.css
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d14b002fff2f922f5ed84f30a59af2f86d8e65b926d0af5dcefaa1a78a37cede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 19:39:55 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 19:39:54 GMT
Server: AmazonS3
Age: 1283195
ETag: "24ed0050481a8b9c563dbb5ce9224bdf"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Length: 21566
X-Amz-Cf-Id: Yhtzq4TATuR0VviK-1-ELoCyqy_CAVO5jAFRoi8jPMGSxpJ2psrBWQ==

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ 108 KB
30 KB 113ms
26ms Script
application/javascript 2600:9000:223e:ac00:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ac00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b29295e6a99520af2b7ea35ba09c91c93d00e85983db46c3e81d4839dd395c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: _xYGoppoDA8WJbrDOyZs9UD0htkihIJn
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 16:30:30 GMT
server: AmazonS3
age: 3301
etag: W/"14f0bea6aa6e5415051410157135f274"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
date: Fri, 11 Feb 2022 15:11:29 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: iR-3swxn0uZF9od0wYOgk7zxXTQ7HEExK7AplcCOQGmSvq-EWEPTaw==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 189ms
56ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Feb 2022 16:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BXRr8anumVFsMvgN5QlueA==
age: 4693
vary: Accept-Encoding
content-length: 6508
x-ms-lease-status: unlocked
last-modified: Thu, 10 Feb 2022 10:47:27 GMT
server: cloudflare
etag: 0x8D9EC82BAD17F94
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bf6d019d-701e-0070-2f6b-1eab22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6dbed324ef0ee8ff-MXP

GET
H2 200 tsu4adm.css
use.typekit.net/ 21 KB
2 KB 451ms
145ms Stylesheet
text/css 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tsu4adm.css

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),

Reverse DNS

Software

nginx /

Resource Hash

3cba1ddcab8a7a99cb45b1c4d5dfe4ea14aeba44ef8d032a797c687f6220287a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 11 Feb 2022 16:06:30 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1726

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
10 KB 165ms
57ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer: https://www.wxyz.com/
Origin: https://www.wxyz.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:29 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9361206
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9VKXS4CZX8FKAQ1T
x-amz-id-2: ERK81TVuDODlwqzv7GfowCFW5S1M2N4gvJk5rYr1+j/xk/HG4/7NG/W0myv1m+oGRgoJDUETrlo=
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
server: cloudflare
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhelT73U8QPfUWbuCdFgjN3YrJF1yA%2F5z%2F5ptmmGoXR1%2FA4i0uXxo6%2FW9DQXYu3yYJ7gJD%2B4naH1%2F6XP35R3UCa8jJdoiB8hQDHZ3tgGpa1RQmvBGL5FpMBlxhkNNy6123IJwx%2Fm2vALncm3VeeAfTmE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6dbed3251e267447-LHR

GET
H/1.1 200
OK square--144.png
assets.scrippsdigital.com/cms/images/color_schemes/wxyz/ 101 KB
102 KB 63ms
10ms Image
image/png 18.66.122.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/color_schemes/wxyz/square--144.png
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7bad7c3b3f116ae59297912b997e7a18d2bd60e4a24eb0d462002c0b777eb504

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: P5avBz819NJc3YawEvT.IQpZ3Gf0APcd
Via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
Last-Modified: Thu, 15 Sep 2016 18:21:27 GMT
Server: AmazonS3
Age: 48589
ETag: "e7ae5a8eecf59a5e84e6af9c9b4b189b"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Fri, 11 Feb 2022 02:36:42 GMT
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
Content-Length: 103931
X-Amz-Cf-Id: tsdWd0mOMXOIDpoVGLndvVh60CZZte3suBCfsLRbTW4Eqif8sBmsiQ==

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/1894ad8/2147483647/strip/true/crop/600x200+0+0/resize/400x133!/quality/90/ 27 KB
28 KB 11ms
11ms Image
image/png 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/1894ad8/2147483647/strip/true/crop/600x200+0+0/resize/400x133!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Ff7%2F91%2F8b2f704945148886140bd1cccb87%2Fwxyz-geographic-locator-600x200.png
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 59cecdcb671cb5027bc86c50d79c534d3258e6213b2e5d01deb5a257f39b3a76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 01:53:41 GMT
Via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 9987169
ETag: 7c931707194ecc6fe61b57360aa0b4a8
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 27857
X-Amz-Cf-Id: Fq03MCgMNXAlDoYhPfBD16G9QIBTm4jUyBUvrJ-U9EYXCqbNSsu_-Q==
Expires: Wed, 19 Oct 2022 01:53:41 GMT

GET
H/1.1 200
OK Blank.gif
www.wxyz.com/styleguide/assets/ 57 B
460 B 8ms
7ms Image
image/gif 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wxyz.com/styleguide/assets/Blank.gif
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: N/A /
Resource Hash: e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 05:40:44 GMT
Via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
Connection: keep-alive
Server: N/A
Age: 1074346
X-Cache: Hit from cloudfront
Content-Type: image/gif;charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-P5
Content-Length: 57
X-Amz-Cf-Id: 53wqI-ITOq96V0bkmhLWv6nM13gfuDLK3lVVN9Rf1iLMO8YX8Kb29w==

GET
H/1.1 200
OK logo-scripps.png
assets.scrippsdigital.com/cms/images/ 3 KB
4 KB 8ms
8ms Image
image/png 18.66.122.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Oct 2017 14:04:11 GMT
Server: AmazonS3
Age: 50018
ETag: "f46791d665054bf21da09492d448e1d2"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Fri, 11 Feb 2022 02:13:58 GMT
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
Content-Length: 3532
X-Amz-Cf-Id: k4UhvTQKx9e79oxuzplfbnihoQndNkLowEE3FLEF5pbByIrPAL7KGQ==

GET
H/1.1 200
OK All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js Show response
ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/ 427 KB
99 KB 8ms
8ms Script
text/javascript 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da4a85b624e7a71b4aa3827935dae699f7e8769e172ce18dc1ec395967863fbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 19:39:55 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 19:39:54 GMT
Server: AmazonS3
Age: 1283196
ETag: "e9115ed9ae76a1acab3581c3c5fe8c6a"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Length: 101117
X-Amz-Cf-Id: cX50pC-teMXHnQbEy300nrVdSNC6Iz5tWGqa6TXs0QmRefHjAqRZgw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
49 KB 50ms
25ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-R48P

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dabfd75821c856511b69cc96ff7bca909af16a80e963244b15731c4ef98a082b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49601
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Feb 2022 16:06:30 GMT

GET
H2 404 000000.json Show response
cdn.cookielaw.org/consent/000000/ 215 B
653 B 286ms
204ms XHR
application/xml 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/000000/000000.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a81dff15f532f603b041e58c55385c065df8dc6669e5adcbed97e2dc69221435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 45f752d7-401e-017c-6f61-1f0386000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6dbed325df530f6e-MXP
expires: Fri, 11 Feb 2022 20:06:30 GMT

GET
H2 404 00000
encouragingvase.com/ 0
0 215ms
44ms Script
text/plain 35.190.74.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://encouragingvase.com/00000
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.74.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 157.74.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 147ms
42ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: GtBleBshAfJx9KFXwg43LDlo50FXi9le
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 870
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1A1D1C37D35QXM6MS6K0
date: Fri, 11 Feb 2022 15:52:00 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: BAv9SetHlPOnNWxRgAe8lcWIYShHMaZVZsHXa31ZFhryPy-mhcS6pg==

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 436 KB
100 KB 250ms
130ms Script
text/javascript 104.107.160.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.wxyz.com

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.107.160.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-107-160-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ff0a8aa2368a2498e0744d8f4439fca8aa7394c7356c404911773826af2a435

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 11 Feb 2022 16:06:30 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
timing-allow-origin: *
expires: Fri, 11 Feb 2022 16:36:30 GMT

GET
H2 200 5776_Scripps_Local_Stations.js Show response
ads.rubiconproject.com/prebid/ 581 KB
112 KB 381ms
229ms Script
text/javascript 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0163325bcce85a4929a762f1a4d0825a9b8e800a0d6aec3ff8947ff7c4e2f299

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:30 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 19:29:02 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=12224
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 114640
expires: Fri, 11 Feb 2022 19:30:14 GMT

GET
H2

200

activityi;dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2... Show response
4394967.fls.doubleclick.net/ Frame 975B
Redirect Chain

https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news...
https://4394967.fls.doubleclick.net/activityi;dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ...

575 B
616 B

70ms
69ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4394967.fls.doubleclick.net/activityi;dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more;~oref=https%3A%2F%2Fwww.wxyz.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-R48P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

c7d81aeb982c6ed5e169b39627b8014574447e899d3ec274dc56b40f1e81785f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 16:06:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 439
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 16:06:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4394967.fls.doubleclick.net/activityi;dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more;~oref=https%3A%2F%2Fwww.wxyz.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 499ms
136ms Stylesheet
text/css 2a03:5f80:a::b212:e7c0
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:30 GMT
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
etag: "613bee4d-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 303ms
172ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

b85a8522b694640eedc3984d83f84afb72c1cbc688c9602a4a676d05cbc854af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27260
x-xss-protection: 0
server: sffe
etag: "1128 / 833 of 1000 / last-modified: 1644581237"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Feb 2022 16:06:30 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 41ms
41ms XHR
text/plain 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.wxyz.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:43:31 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
server: Server
age: 8578
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.wxyz.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: b7B0ZOn4fp-S0lHcDZQhTFbgLkwTPXWB6A-jG3_tZaEvsfRcmC5c9A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 126ms
48ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 27176
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Fri, 11 Feb 2022 13:45:50 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: SN8jRDgIcbgungT3gtl69vOXFodh7f9G-zyCDDrnfIUhog8fw0PfIQ==

GET
H2 200 dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weathe... Show response
adservice.google.com/ddm/fls/i/ Frame 98F8 574 B
908 B 195ms
87ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more;~oref=https%3A%2F%2Fwww.wxyz.com%2F

Requested by

Host: 4394967.fls.doubleclick.net
URL: https://4394967.fls.doubleclick.net/activityi;dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more;~oref=https%3A%2F%2Fwww.wxyz.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

054243219d1435d1d87fc4a0e668b32bf3eb956dee935b51bb7c42950d729463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4394967.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 16:06:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 439
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weathe... Show response
adservice.google.de/ddm/fls/i/ Frame D045 194 B
870 B 236ms
100ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more;~oref=https%3A%2F%2Fwww.wxyz.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO2R2_-D-PUCFRj-GwodftcKMQ;src=4394967;type=wxyz;cat=pc_tt0;ord=4315754994325;gtm=2wg290;auiddc=1122585686.1644595590;u1=WXYZ%20Homepage;u2=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more;~oref=https%3A%2F%2Fwww.wxyz.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 16:06:30 GMT
expires: Fri, 11 Feb 2022 16:06:30 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 189ms
75ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5df12841c6715824a34b4231cd3da7eaf29d04ea34a7b807098892cc95b2da65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Y6gzZGLFc+BEINaW9/tawg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 5b/TDdvBtBfUPHJN/QMuxK5yN5BIJl3ZQD8gUNgDBeH7dEYisq9SucBaAskqk9zUclpD9a97KUDCLY8JSiduVQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 3716a9050c018c3172c802c4d8a349ac
x-frame-options: DENY
date: Fri, 11 Feb 2022 16:06:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5968c1bda456417120cd0bf29c5338e7"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 11 Feb 2022 16:09:21 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/wxyz.com/ 66 KB
23 KB 584ms
84ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/wxyz.com/p.js
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 54043aec94a8eb89b42fd11b81e743bf7153d4704578d4e614ffd43ff8dda626

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Fri, 11 Feb 2022 06:45:16 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 21:16:59 GMT
server: nginx
age: 34061
etag: W/"6019c14b-1070d"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: C7se8truHy0gc8Cm1KANM_47AfuFEJM4US5mze7GPO8-Ix_8amfLlg==
expires: Sat, 12 Feb 2022 06:38:50 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/789cf6b/2147483647/strip/true/crop/1498x527+0+52/resize/1280x450!/quality/90/ 558 KB
559 KB 66ms
65ms Image
image/png 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/789cf6b/2147483647/strip/true/crop/1498x527+0+52/resize/1280x450!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fd5%2Fa2%2Fd9e27865461dbb3380436bb67f39%2Fscreen-shot-2022-02-10-at-5.51.06%20AM.png
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 7802406f59d4f328009e62255b00d44136538f7aaf0c4ae79ecf60f719b8f237

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 12:09:08 GMT
Via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 100642
ETag: bc5933063aad2f7ceef9198d5b55b35e
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 571419
X-Amz-Cf-Id: 6QWMacB_sHu05ZnipkFcdBiGhxbJbVzShjo3lJcaOBQRXK1mJEHh2g==
Expires: Fri, 10 Feb 2023 12:09:08 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/5668c56/2147483647/strip/true/crop/1280x450+0+135/resize/1280x450!/quality/90/ 86 KB
87 KB 282ms
151ms Image
image/jpeg 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/5668c56/2147483647/strip/true/crop/1280x450+0+135/resize/1280x450!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2Fb30%2Fbe88c4e651db4a7dbe102614d7272948%2Fb308c85c001c4d488ba40c9224c015a5%2Fposter_406b7f1a05fa4d0980e96d7abb97ed93.jpg
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ccfd1de92f095ee33f6d212821add438bee4a30091b15e90df17599d9d1e7836

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 23:39:13 GMT
Via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 59237
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 88501
X-Amz-Cf-Id: _HtapiyuZ0wXNNiX9R77-lE9cZrVnjEK1KDQ4ozvAGC8AHZDwn9dfw==
Expires: Fri, 10 Feb 2023 23:39:13 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/ad221f0/2147483647/strip/true/crop/1280x450+0+135/resize/1280x450!/quality/90/ 60 KB
60 KB 276ms
145ms Image
image/jpeg 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/ad221f0/2147483647/strip/true/crop/1280x450+0+135/resize/1280x450!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2Fcf8%2Fbe88c4e651db4a7dbe102614d7272948%2Fcf8c24d55f5f4a57816825b00377da50%2Fposter_10fee52537fd4fcc9be446c2cc613aa8.jpg
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 0d235ad890492000475aec5aaa43697039a0d6b9860909bc5217ba7b50b50d63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 00:50:11 GMT
Via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 54979
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 60940
X-Amz-Cf-Id: Y0JYyAhVBvKwYrjYROVhqC72X8qOKhuaiUgfIg4DlkF6hXcRVffHGw==
Expires: Sat, 11 Feb 2023 00:50:11 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/ea7c9bd/2147483647/strip/true/crop/1280x450+0+135/resize/1280x450!/quality/90/ 40 KB
41 KB 235ms
62ms Image
image/jpeg 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/ea7c9bd/2147483647/strip/true/crop/1280x450+0+135/resize/1280x450!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2Fa59%2Fbe88c4e651db4a7dbe102614d7272948%2Fa59a162b1a7e4662940ba1af5459a27c%2Fposter_b2cbbbbb999e44db89fbc25370ffba87.jpg
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ed2a7d1ea2ab128d9fdf26582706bac2b4976a96ef8695b8ede2ef4d98f1da05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 23:39:14 GMT
Via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 59236
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 41046
X-Amz-Cf-Id: 4kWrzs2q2qbwNZvESXUkEqhChLcS9tlWs5fLATueAYJxHz0l_R6Igw==
Expires: Fri, 10 Feb 2023 23:39:14 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/5c5dc3e/2147483647/strip/true/crop/1280x450+0+135/resize/1280x450!/quality/90/ 59 KB
60 KB 373ms
88ms Image
image/jpeg 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/5c5dc3e/2147483647/strip/true/crop/1280x450+0+135/resize/1280x450!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F22e%2Fbe88c4e651db4a7dbe102614d7272948%2F22e8949f70a9413f9c1bc0cee1d2bcf0%2Fposter_0b07abc89be0494b90c63b20f0f5a298.jpg
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 12e1a63c61b7bad66cde2c612847f9e611beb32004e6baf104963fb3924f906c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 23:39:14 GMT
Via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 59237
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 60532
X-Amz-Cf-Id: uaTCpFKV7EPy8svdiItd1z5MzYm0qnFG-pQgha4EEwnpj78TWf0azA==
Expires: Fri, 10 Feb 2023 23:39:14 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/ab0c782/2147483647/strip/true/crop/2503x1408+15+0/resize/1280x720!/quality/90/ 613 KB
613 KB 233ms
149ms Image
image/png 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/ab0c782/2147483647/strip/true/crop/2503x1408+15+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F38%2F79%2F0716914344c2b968c7f72c56ada5%2Fscreen-shot-2021-05-03-at-11.35.26%20AM.png
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 5baa557750c0dc3d1c36b5abf69a46136140e1b498108c5a807daa6e093b3dff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 21:30:23 GMT
Via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 758166
ETag: 8218d445abbce7458e332cb70c9a946e
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 627550
X-Amz-Cf-Id: Nt5oLGINzDf1ce83dZi2tYNEeyAh0bLMQNkXHgyX4nHCxdBtn-Shxg==
Expires: Thu, 02 Feb 2023 21:30:24 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/bee96ea/2147483647/strip/true/crop/1121x631+377+0/resize/1280x720!/quality/90/ 691 KB
691 KB 150ms
65ms Image
image/png 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/bee96ea/2147483647/strip/true/crop/1121x631+377+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fd5%2Fa2%2Fd9e27865461dbb3380436bb67f39%2Fscreen-shot-2022-02-10-at-5.51.06%20AM.png
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: a3af54f50cf210dee579bf544bd6029b5688e7af8557fb03b3d83a24bbd1928a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 10:56:32 GMT
Via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 104998
ETag: 949823aed5f02f27c8b1670aed3025f9
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 707175
X-Amz-Cf-Id: ZgTuqHtOKa3kguUS21N2bxn3-lqT70WtVrQ1J4WFyQeJ-iJosiKKgA==
Expires: Fri, 10 Feb 2023 10:56:32 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/9962e48/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 42 KB
43 KB 88ms
87ms Image
image/jpeg 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/9962e48/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F34%2F40%2Fe252383b4e85a0b65cddab5b2876%2Fposter-image.jpg
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: adc8713b28f1422f937ad42965aa3cc3aadf189385c74cd03b39e7222004ef11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 11:57:50 GMT
Via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 14921
ETag: b853edd23390a2b97e0eda984da09f5e
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 43442
X-Amz-Cf-Id: 4XcjvFvM1HdYkVbHmYI_Q9Nj8y2d5LslPPEuTrPg76mFhGfj3qj4fw==
Expires: Sat, 11 Feb 2023 11:57:50 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/62fef81/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 69 KB
69 KB 61ms
60ms Image
image/jpeg 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/62fef81/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F7ce%2Fbe88c4e651db4a7dbe102614d7272948%2F7ce282dab7e94b2cb285699519875ae6%2Fposter_186bea649f2c44d8ad4e7bbcfa58fbbd.jpg
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 893408524c726d086c14032cd5cc2099f34fad56df521df5252ae92d805ddec9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 10:45:47 GMT
Via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 19244
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 70215
X-Amz-Cf-Id: x_9vHcx-3092RkQT5Kwzj_fL_Sar2nywtrrPpQx8y-LONQKoRPq83A==
Expires: Sat, 11 Feb 2023 10:45:47 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/f85b917/2147483647/strip/true/crop/1100x619+0+57/resize/1280x720!/quality/90/ 130 KB
131 KB 64ms
64ms Image
image/jpeg 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/f85b917/2147483647/strip/true/crop/1100x619+0+57/resize/1280x720!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F83%2F51%2F5eed0c094ad6858466c5e6153364%2Fvaccine.jpg
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 873d2ad31b07d3f195ff0f4b68730a06e80232b854525bb35d0a469c4514afe8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 16:55:48 GMT
Via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 10537843
ETag: d5057882b65b5c723537cc4583146500
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 133370
X-Amz-Cf-Id: FxTh1z8eVtIXlmfuJVl8kYZ-zcTgpjqguS3xetEZZSCBibgELaTJUg==
Expires: Wed, 12 Oct 2022 16:55:48 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/0506378/2147483647/strip/true/crop/960x540+173+0/resize/1280x720!/quality/90/ 1 MB
1 MB 77ms
76ms Image
image/png 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/0506378/2147483647/strip/true/crop/960x540+173+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fa7%2Fc3%2F27f4e54f483784af9ac9ffa0c5f5%2Fscreen-shot-2022-02-11-at-6.12.16%20AM.png
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 7837a92dd3b201ac34b025ab57dd0c145bfac32243e95ad5d76528f568b3ab9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 11:23:57 GMT
Via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 16953
ETag: ce81461d00a8a53adcc82cf5570e13f0
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 1076098
X-Amz-Cf-Id: -WlzzWKe2BySPW8AG5i8S3I6HznXWNjU_K7aRhuBipzOOr6Bwr6TUw==
Expires: Sat, 11 Feb 2023 11:23:58 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/af806cd/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/ 1 MB
1 MB 155ms
154ms Image
image/png 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/af806cd/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F48%2F65%2Fbcf4e04141328f69f39aea2b1a87%2Funtitled-design-100.png
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e695f937b9895029d54b8e47c9ad0b4154a3879db93ef6208275e2d002e98b60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 03:41:24 GMT
Via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 44706
ETag: 2aed83a579c9cbffff3a47b990027836
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 1192490
X-Amz-Cf-Id: EoWhvTWF1LGtF3IzjzWm5TReRPKlK2qyDkOVsFAE_NthMmUufrNGaw==
Expires: Sat, 11 Feb 2023 03:41:25 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/b2466ec/2147483647/strip/true/crop/1000x563+0+0/resize/1280x720!/quality/90/ 152 KB
152 KB 34ms
34ms Image
image/jpeg 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/b2466ec/2147483647/strip/true/crop/1000x563+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2Fa0%2F98%2Ffa6a566046b9a2b1c1914c1e7009%2Fgettyimages-138940062.jpg
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6cf45589e49e24e1c2c7ecd649592b0c0bc969f9440a70d71dcd45da74c64119

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 11:02:03 GMT
Via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 18268
ETag: 213650b85df846f940869e89e00a645f
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 155159
X-Amz-Cf-Id: XQW7zOix7CcCSBV42Wz83IlbfBe7rkAUEiGUkV32n0x5BkmzPMQmoQ==
Expires: Sat, 11 Feb 2023 11:02:03 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/bedc0f7/2147483647/strip/true/crop/0x0+0+0/resize/1280x720!/quality/90/ 138 KB
138 KB 35ms
35ms Image
image/jpeg 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/bedc0f7/2147483647/strip/true/crop/0x0+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fwww.simplemost.com%2Fwp-content%2Fuploads%2F2022%2F01%2FAdobeStock_132886952-500x333.jpeg
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-97.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 63ba928e89694c180ffcbdf55a3932a5b5c67106f5068ab327aa94e2b4f6873d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 19:33:05 GMT
Via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 1370006
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
Content-Length: 141046
X-Amz-Cf-Id: C4_EO0UuxNof-cvHexUrD4mBgZuH-7ZU07YvwFyQrEAJUevyi7OvMg==
Expires: Thu, 26 Jan 2023 19:33:05 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 205ms
112ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://www.wxyz.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:30 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18991889
cf-ray: 6dbed32b4efd3a81-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59572
x-amz-id-2: Ad4HPiDPVYYgNQtSe85VbthyCBmTkz6IqAmkOdldZ0thQQujM5QafmhHpSfP+adhbzF0b/b9FhE=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "18d2347ab2a9f40ca2247cdb03303d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3aSBIXoS9xZIGDs%2BsbFLFHHbiy5reHLt9bN9BvBcogH9YcEXVwmUojARQkaFfwrqFWtkjWdGWdwYD2KNa%2Fgl31PGHWX2snD4fKsx58a2C6QVI3h3U2jHCl71d4BsNkBrrHq8WPdE99H%2F3Hu9d7VOlB%2Bb"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: ZDMDW8VNK3WTXRVQ
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 16 KB
16 KB 584ms
161ms Font
application/font-woff2 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: nginx /
Resource Hash: 6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.wxyz.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
server: nginx
etag: "ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16564

GET
H2 200 l
use.typekit.net/af/8738d8/00000000000000007735e611/30/ 16 KB
17 KB 618ms
195ms Font
application/font-woff2 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: nginx /
Resource Hash: d63fa770adfd344ffffd30e315719e539d341a6f71d0d6ad6a5c312a85e95fed

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.wxyz.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
server: nginx
etag: "a5565f97e4389f39e94f7880b2c8088023e4d88a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16884

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 16 KB
17 KB 601ms
179ms Font
application/font-woff2 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: nginx /
Resource Hash: cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.wxyz.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
server: nginx
etag: "96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16832

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
63 KB 294ms
202ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://www.wxyz.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:30 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7568786
cf-ray: 6dbed32b4f033a81-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63376
x-amz-id-2: 4JXBW16x2R0HbE5/9mnR+MQapXlLbKjkVPX8BJcZjwdmrLzQYejXsLIZ5F/LUJqni7WwWVW9pH4=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "f319eac1c755f9929fd856720ce1695e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bqu6wgcPtqjKItrguYzntDUzH%2BM3E4%2FDtyvcoP4lflOX61ZX8x0y02glzd2xttUaAcGy60U%2FP0jwPCC6WndUm6T2OYRNnGlAlVyLyC%2FlEl3rbBuNBBPHK%2F4JbIBW7jky2Chz2E8wqCviRSzwlCs3EZnH"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RTWB464WJXJ5HRNH
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

OPTIONS
H2 200 /
api.ewscloud.com/prod/scheduler/v1/com.wxyz/schedules/current/ Frame 0
0 532ms
344ms Preflight
application/json 13.32.121.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.wxyz/schedules/current/?type=web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-95.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://www.wxyz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Fri, 11 Feb 2022 16:06:31 GMT
x-amzn-requestid: 501abf4a-4baf-4f99-85d8-4092a34ab15d
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: NYptLGYhoAMFvmQ=
access-control-allow-methods: GET,OPTIONS
x-amzn-trace-id: Root=1-62068987-2569cebc47320dc967c4b292
x-cache: Miss from cloudfront
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ifH9R_4TAP_OoMfIgSnPNYqM0t41zEkZgIj8V1c84XrMcLs0Reu6jA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
62 KB 155ms
76ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VR1EJSK21G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-R48P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e458cdd5ca41bd13ad7a3fbc0a3339f62da92ab89a9c0b3059b27dc808f245a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63052
x-xss-protection: 0
expires: Fri, 11 Feb 2022 16:06:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 282ms
87ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-R48P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 99
date: Fri, 11 Feb 2022 16:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Feb 2022 18:04:52 GMT

GET
H2 200 load_tags.js Show response
pymx5.com/scripts/ 9 KB
9 KB 285ms
87ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/load_tags.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-R48P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 15:43:13 GMT
age: 1398
x-guploader-uploadid: ADPycdtBybOro0Qk9FtmOWt3V75aukZFGAjBynjTNWI_JFV746CIB4Sxe5F5lTbuQVUKT_xx0JcDOzcUpsx42GjEqr0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8946
last-modified: Wed, 02 Feb 2022 11:24:50 GMT
server: UploadServer
etag: "f6b06694767e707999eecbe9538b403a"
x-goog-hash: crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation: 1637826900127272
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 8946
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 11 Feb 2022 16:43:13 GMT

GET
H/1.1 200
OK weather Show response
www.wxyz.com/ 102 KB
102 KB 81ms
81ms Fetch
application/json 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wxyz.com/weather?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: c43e824422494053ca451474852915b24d7df1276fb6a42fdd71f4bc6636c1aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 16:05:22 GMT
Via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
Connection: keep-alive
Server: N/A
Age: 67
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
X-Amz-Cf-Id: 99TUYY2a58MI90f2rpr_fn6IlDKqoG2sMdWzzy3FKCUbe1Tt1InmJw==

GET
H/1.1 200
OK breaking-news-alerts Show response
www.wxyz.com/ 76 KB
76 KB 205ms
74ms Fetch
application/json 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wxyz.com/breaking-news-alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: 8d52965491f525042696253c25b525954d221bef41ab1caf33f2000724a17de2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 16:04:40 GMT
Via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
Connection: keep-alive
Server: N/A
Age: 110
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
X-Amz-Cf-Id: S9237XQk133INVlAQzOJVq9f2hgyk6_-bAWvixj8EXWwQJ6VkQoO_Q==

GET
H/1.1 200
OK alerts Show response
www.wxyz.com/weather/ 81 KB
82 KB 222ms
84ms Fetch
application/json 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wxyz.com/weather/alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: b691df67285b5dbec7dce4eac05d7e7be640f110492637d56a46614d752bdffb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 16:04:46 GMT
Via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: N/A
Age: 104
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
X-Amz-Cf-Id: aV_d2s3AzuCumFTLUXXzBM7tMG_ZR7aFg0t2r7-qWWJIwWIeySKbFg==

GET
H/1.1 200
OK school-closings-delays Show response
www.wxyz.com/weather/ 82 KB
82 KB 223ms
85ms Fetch
application/json 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wxyz.com/weather/school-closings-delays?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: be0ff910cbe18da739b84946fc7781136e852ce786dfd4ddc31f2a82312394ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 16:04:40 GMT
Via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
Connection: keep-alive
Server: N/A
Age: 111
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: FRA56-P5
X-Robots-Tag: nofollow
X-Amz-Cf-Id: 9UCubvvBSX3MC0cMjcH-tjuzYm3KV0xz1rYZic__klXaBHoLcRW68w==

GET
H2 200 / Show response
api.ewscloud.com/prod/scheduler/v1/com.wxyz/schedules/current/ 5 KB
5 KB 338ms
336ms Fetch
application/json 13.32.121.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.wxyz/schedules/current/?type=web
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-95.fra60.r.cloudfront.net
Software: /
Resource Hash: 0d6b23ea45a4b63191d9f54bfd08310fda8b46b71c37175fcc373c8e2a1d7b88

Request headers

Authorization: Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 6e36e2d6-fe99-4b52-979d-4115e5d547eb
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62068987-706a894437754b5b4908dfc7
x-amz-apigw-id: NYptOFoOIAMF6Aw=
content-length: 4950
x-amz-cf-id: NyIBW6DJFLb4_lZYnWCURB1FfLUgIyMu9w8RgTUWKvWHJDmrg_ZkQg==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 267ms
90ms Script
application/javascript 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 18 Feb 2022 16:06:31 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 262ms
88ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:20:12 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 35179
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: vcv0M4zWPFAPNIeTevRcMJVoCM9UfaREJs9y8oybCs9TRvQn0Z8xMA==

GET
H2 204 88f2a0fd9298a35d
pixel.sitescout.com/iap/ 0
191 B 279ms
101ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/88f2a0fd9298a35d
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:30 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 72ms
71ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: dkAien1fD7yA9CQgLsrM6nMNMVDdVLZZkHbv8pDQ6liib4ncofb7mcxCd6L00YJyRljfoI3GG4uR1tI4I+YPJg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 11 Feb 2022 16:06:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 86ms
73ms Image
image/gif 104.107.160.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=wxyz.com&servname=ssp-serving-5df6ffdcc8-csbr7&svr=020809_321_020910_287_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001644595590903036448888322800&sspAbBucket=CONTROL&lw=1&dapp=green&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&a=0&r=209&lper=1&requrl=https%3A%2F%2Fwww.wxyz.com%2F&kwrf=
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.160.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-160-24.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:30 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 11 Feb 2022 16:06:30 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 165ms
97ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d34030c98ba14d537e7f3dc7a5278068

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e07709c33930d50fcb07a46a296359c64c4aae538b3629fb290589362f182ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.wxyz.com/
Origin: https://www.wxyz.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: q3HPbnsEL7a6OV5s+N1C+A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83544
x-fb-rlafr: 0
x-fb-debug: QeNbRnleECZQMJKcL4vQCEjATFBfd0YpQhQV8BAukvy0kfyl9YGToPZt79uvDFWOAyUqyPB3aH7mZb/eoFOEwg==
x-fb-content-md5: 9c49f6a6236005bc61e2ee0c7c68d155
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 11 Feb 2022 16:06:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5aa94ef15c951533e8a5525397a3a975"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 11 Feb 2023 15:10:58 GMT

GET
H3 200 292820581178899 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 164ms
87ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/292820581178899?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6115e3a898ad9f379c5ef14408339a6ee87f09fa3e1bd54c66a914d156021ce0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89851
x-xss-protection: 0
pragma: public
x-fb-debug: Squ0z9uzR7CP/o74TXFQ0+/LuJgzohbK4SQDJA8XKWwthQzMzywtNzoOOpHtrfh5yHFJoOhvaIs3+EZYm7PBrw==
x-frame-options: DENY
date: Fri, 11 Feb 2022 16:06:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubads_impl_2022021001.js Show response
securepubads.g.doubleclick.net/gpt/ 358 KB
120 KB 237ms
145ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 15:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122668
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:35:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Feb 2023 15:49:21 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 143 B
126 B 357ms
265ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wxyz.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

005589a1d1f39cc5a92452f5c381b0cc0c51fbdb924fa337bd5080466e8848f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 16:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101
x-xss-protection: 0
expires: Fri, 11 Feb 2022 16:06:31 GMT

GET
H2 200 lightrain.png
static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/ 3 KB
3 KB 635ms
431ms Image
image/png 2600:9000:2240:3c00:10:618e:d880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/lightrain.png
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:3c00:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62e9716cc4c478347347188866b4ce050141e3cf8c061ce8317a8cd0b3f3c7b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: AWVu.WF5q1Ql54xmVof6FEwp5c7eKyfZ
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
last-modified: Thu, 28 Oct 2021 15:57:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "17933a513015943902291f5216f25a37"
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=86400
date: Fri, 11 Feb 2022 16:06:32 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2978
x-amz-cf-id: hbvqjusJEhRZiHR8j8QRC_KiCdWphrmeQqSi6mZwEi9iIlbW0PQoFw==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1644595591193&ns_c=UTF-8&cv=3.5&c8=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more&c7=https%3A%2F%2Fwww.wxyz.c...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1644595591193&ns_c=UTF-8&cv=3.5&c8=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more&c7=https%3A%2F%2Fwww.wxyz....

0
225 B

86ms
85ms

Image
text/plain

13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1644595591193&ns_c=UTF-8&cv=3.5&c8=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more&c7=https%3A%2F%2Fwww.wxyz.com%2F&c9=
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: bgy_4LYvjOMvTw8c8A8ZcvDWyG_OpwQezB3vR_8_Akk8W3VIrDBv7w==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 11 Feb 2022 16:06:31 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1644595591193&ns_c=UTF-8&cv=3.5&c8=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more&c7=https%3A%2F%2Fwww.wxyz.com%2F&c9=
content-length: 229
x-amz-cf-id: -HDmjgtfJRuydRm5bRhMsp00yjF3fnWxQF6OTdazbG95agfbGKJWqg==

GET
H2 200 rules-p-cfh7-Kj7hw4Cs.js Show response
rules.quantcount.com/ 1 KB
1 KB 231ms
69ms Script
application/javascript 2600:9000:223c:5000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-cfh7-Kj7hw4Cs.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 15:29:18 GMT
content-encoding: gzip
age: 2236
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Wed, 30 Aug 2017 16:19:22 GMT
server: AmazonS3
etag: W/"021b7e04f30cea21812673c831b1b679"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0c688bb347bc402edc1209f13e04d88c.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: Dsr-joX6brZ1VBqgnF824V-gT6QVZoW0bfug6eIXPBmOU9rOIiveFw==

GET
H2 200 load_optional_tags Show response
api.pymx5.com/v1/sites/ 0
749 B 342ms
163ms Script
text/html 34.96.74.203
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pymx5.com/v1/sites/load_optional_tags

Requested by

Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

203.74.96.34.bc.googleusercontent.com

Software

nginx/1.13.7 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
via: 1.1 google
server: nginx/1.13.7
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS
content-type: text/html; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 172ms
85ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 15:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Feb 2022 16:08:20 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
346 B 224ms
65ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VR1EJSK21G&gtm=2oe290&_p=326039548&sr=1600x1200&_gaz=1&ul=en-us&cid=721668734.1644595591&_s=1&dl=https%3A%2F%2Fwww.wxyz.com%2F&dt=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more&sid=1644595590&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.Date_Published=&ep.Author=&ep.Editor=&ep.Category=WXYZ%20Homepage&ep.Sub_Category=&ep.isPremium=false&ep.Days_Since_Published=&ep.isStory=false&ep.Is_Gallery=false&ep.Logged_In=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VR1EJSK21G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wxyz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
346 B 257ms
79ms Ping
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VR1EJSK21G&cid=721668734.1644595591&gtm=2oe290&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VR1EJSK21G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wxyz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 245ms
84ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VR1EJSK21G&cid=721668734.1644595591&gtm=2oe290&aip=1&z=1052935249

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 407ms
12ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=292820581178899&ev=PageView&dl=https%3A%2F%2Fwww.wxyz.com%2F&rl=&if=false&ts=1644595591325&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644595591324.1809869769&it=1644595590980&coo=false&rqm=GET

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 11 Feb 2022 16:06:31 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 380ms
13ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=292820581178899&ev=ViewContent&dl=https%3A%2F%2Fwww.wxyz.com%2F&rl=&if=false&ts=1644595591326&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644595591324.1809869769&it=1644595590980&coo=false&rqm=GET

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 11 Feb 2022 16:06:31 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 552ms
105ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1644595591403&plid=20416113&idsite=wxyz.com&url=https%3A%2F%2Fwww.wxyz.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.wxyz.com%2F&sref=&sts=1644595591381&slts=0&title=WXYZ+Channel+7%3A+Detroit+news%2C+weather%2C+traffic+and+more&date=Fri+Feb+11+2022+16%3A06%3A31+GMT%2B0000+(GMT)&action=pageview&pvid=64230557&u=pid%3Dbb71a77ff04fa4427574dbc1239e5933
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 16:06:31 GMT
Cache-Control: no-cache
Last-Modified: Friday, 11-Feb-2022 16:06:31 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 47ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=326039548&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wxyz.com%2F&ul=en-us&de=UTF-8&dt=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEAjBAAAAC~&jid=1868333791&gjid=1463183179&cid=721668734.1644595591&tid=UA-40066851-1&_gid=1182487701.1644595591&_r=1&gtm=2wg290R48P&cd20=&cd21=&cd22=&cd23=WXYZ%20Homepage&cd24=&cd25=false&cd26=&cd31=false&cd34=false&z=23535827

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wxyz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 116ms
65ms XHR
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-40537246-1&cid=721668734.1644595591&jid=2071700132&gjid=1080077785&_gid=1182487701.1644595591&_u=aGDAiEAjBAAAAG~&z=1306068973

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Feb 2022 16:06:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.wxyz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
42ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=326039548&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wxyz.com%2F&ul=en-us&de=UTF-8&dt=WXYZ%20Channel%207%3A%20Detroit%20news%2C%20weather%2C%20traffic%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAAC~&jid=2071700132&gjid=1080077785&cid=721668734.1644595591&tid=UA-40537246-1&_gid=1182487701.1644595591&cd20=&cd21=&cd22=&cd23=WXYZ%20Homepage&cd24=&cd25=false&cd26=&cd31=false&cd34=false&z=1588064752

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 05:25:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38481
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
532 B 90ms
89ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.wxyz.com%2F&pid=0ywcljEkfJTmG&cb=0&ws=1600x1200&v=7.73.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-109-174.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: ZENVP2DGK89X616WARPY
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.wxyz.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 9l0jytXBYahs_VgYR_9p1gMhvdgDuKeSUSCQPDspeSSVnFbGnDmQIw==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
692 B 269ms
18ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:31 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 39fbd92d-464d-4f97-aae8-4f88dd01e4d2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.wxyz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
148 B 367ms
113ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=d9YbK4Bymr67OuaKj0P0Le
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: a519e51352eac9e357750fa571a7813a4ffea33c44e70bae60bd150a91bc2943

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wxyz.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
328 B 364ms
109ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=d6EtcQBymr67OuaKj0P0Le
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: c3acfb2457b1e815e013efba4650d288f41d26b8cfc4fb20f1efad84ea2b0014

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wxyz.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
291 B 332ms
79ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0301797961d75b6287b0650050&pos=8a969c0301797961d75b629240bd00ac&cmd=bid&secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 4ee5245a1b29590ed2d8b3c684abeefc085ea744a0b59f5442eb4e74a1b43d48

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wxyz.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 337ms
84ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0301797961d75b6287b0650050&pos=8a96941601797961e0d7629241c900af&cmd=bid&secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ead7b8cf34ce60ef79ff04c946d745581c3f0ae46a221600e997b129f4d1da33

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Feb 2022 16:06:31 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wxyz.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 arj Show response
ewscripps-d.openx.net/w/1.0/ 73 B
378 B 269ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wxyz.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cb8e31c6-7e87-4632-be8b-b72e58972413%2Cf4ccdab9-55d1-48df-8709-47efae4f6115&nocache=1644595591552&aus=728x90%7C300x600%2C300x250&divids=MAD_INVIEW%2CMAD_RIGHT_RAIL&aucs=%252F6088%252Fssp.wxyz%252Finview-bottom%2C%252F6088%252Fssp.wxyz%252Fhome%252Flanding&auid=544041453%2C544041451
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: fa29414ee6f22f1a9ee25ab842e2fc1626214be118ed63133075d18318bfdf2b

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:31 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.wxyz.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 419 B
925 B 294ms
43ms XHR
application/json 18.202.206.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=eqcei5f6&pi=3&maxw=728&maxh=90&si=112965&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wxyz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.20.0%22%7D&ogu=https%3A%2F%2Fwww.wxyz.com%2F&ns=10240&gpid=%2F6088%2Fssp.wxyz%2Finview-bottom
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.206.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-206-42.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fd8592df9b6c8285b838a8b2ce653907b259a0286dc50a31b2c9585828a726cb

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:31 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.wxyz.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 419 B
926 B 291ms
40ms XHR
application/json 18.202.206.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=eqcei5f6&pi=3&maxw=300&maxh=600&si=112964&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wxyz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.20.0%22%7D&ogu=https%3A%2F%2Fwww.wxyz.com%2F&ns=10240&gpid=%2F6088%2Fssp.wxyz%2Fhome%2Flanding
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.206.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-206-42.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b3f5bd87996c889a9fb219004806fe3a1252782771a6687bf3f83fa4e2e451b5

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:31 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.wxyz.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 300 B
484 B 267ms
20ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b298de2d29cc83cb5b22914f7e724c94252724602c0a9f313f301b4ba059cff

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:31 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.wxyz.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 300
expires: 0

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
982 B 375ms
106ms XHR
application/json 165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wxyz.com
date: Fri, 11 Feb 2022 16:06:31 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 486 B
2 KB 426ms
148ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1953918%3B1953916&size_id=2%3B15&alt_size_ids=%3B10&rf=https%3A%2F%2Fwww.wxyz.com%2F&tg_i.aupname=%2F6088%2Fssp.wxyz%26mad_inview%3B%2F6088%2Fssp.wxyz%26mad_right_rail&tg_i.dfp_ad_unit_code=6088%2Fssp.wxyz%2Finview-bottom%3B6088%2Fssp.wxyz%2Fhome%2Flanding&tg_i.pbadslot=6088%2Fssp.wxyz%2Finview-bottom%3B6088%2Fssp.wxyz%2Fhome%2Flanding&tk_flint=dmpbjs_v5.20.0&x_source.tid=cb8e31c6-7e87-4632-be8b-b72e58972413%3Bf4ccdab9-55d1-48df-8709-47efae4f6115&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.8035732329153009
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0575415522a73899d6d44365c1b52d32ba6d404585e3ba553e30eeeca93132db

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:31 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.wxyz.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 486
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
263 B 323ms
77ms XHR
application/json 52.28.154.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.0&referrer=https%3A%2F%2Fwww.wxyz.com%2F&tmax=2000

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.154.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-154-195.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:31 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wxyz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pixel;r=262533679;labels=Cracked.Article%20Title.Detroit%20breaking%20news%20%20school%20closings%20%20weather%20%20traffic%20%20%26%20sports%20-%20WXYZ%20%207%20Action%20News;rf=0;a=p-cfh7-Kj7hw4C...
pixel.quantserve.com/ 35 B
371 B 52ms
51ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=262533679;labels=Cracked.Article%20Title.Detroit%20breaking%20news%20%20school%20closings%20%20weather%20%20traffic%20%20%26%20sports%20-%20WXYZ%20%207%20Action%20News;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.wxyz.com%2F;uht=2;fpan=1;fpa=P0-1924386197-1644595591583;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=wxyz.com;je=0;sr=1600x1200x24;dst=0;et=1644595591583;tzo=0;ogl=title.Detroit%20breaking%20news%252C%20school%20closings%252C%20weather%252C%20traffic%252C%20%26%20sports%20-%20WXYZ%252C%207%20Act%2Curl.https%3A%2F%2Fwww%252Ewxyz%252Ecom%2F%2Cimage.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F4539134%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Aurl.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F4539134%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Asecure_url.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F4539134%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fpng%2Cimage%3Aalt.7%20Action%20News%20Live%20slate%2Csite_name.WXYZ%2Ctype.website%2Cdescription.

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 27FC 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.wxyz.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.wxyz.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Fri, 11 Feb 2022 16:06:31 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 83ms
49ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wxyz.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 16:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 94ms
62ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wxyz.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 16:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
18 KB 468ms
467ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1190167126568333&correlator=1588206630950322&output=ldjh&eid=31060837%2C31064848&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220211&iu_parts=6088%2Cssp.wxyz%2Cinview-bottom%2Chome%2Clanding&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2C%2F0%2F1%2F3%2F4&prev_iu_szs=728x90%2C994x30%7C10x1%2C300x600%7C300x250&prev_scp=kw%3Ddetroit%2520news%252Cdetroit%2520weather%252CDetroit%2520forecast%252CMichigan%2520probate%252CMichigan%2520Lottery%252CDetroit%2520snow%252CMichigan%2520Wolverines%252CChannel%25207%2520Detroit%252CMichigan%2520mental%2520health%252CDetroit%2520mental%2520health%26categories%3D%252Cwxyz%2520homepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C12%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D30-39%26amznbid%3D2%26amznp%3D2%7Ckw%3Ddetroit%2520news%252Cdetroit%2520weather%252CDetroit%2520forecast%252CMichigan%2520probate%252CMichigan%2520Lottery%252CDetroit%2520snow%252CMichigan%2520Wolverines%252CChannel%25207%2520Detroit%252CMichigan%2520mental%2520health%252CDetroit%2520mental%2520health%26categories%3D%252Cwxyz%2520homepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D30-39%7Ckw%3Ddetroit%2520news%252Cdetroit%2520weather%252CDetroit%2520forecast%252CMichigan%2520probate%252CMichigan%2520Lottery%252CDetroit%2520snow%252CMichigan%2520Wolverines%252CChannel%25207%2520Detroit%252CMichigan%2520mental%2520health%252CDetroit%2520mental%2520health%26categories%3D%252Cwxyz%2520homepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D30-39%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1644595592056&lmt=1644595592&dlt=1644595589712&idt=1794&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933%2C-12245933%2C1050&adys=-12245933%2C-12245933%2C2978&adks=421683115%2C1690968830%2C1776026314&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.wxyz.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C1500x0%7C300x30&msz=1600x-1%7C994x0%7C300x30&ga_vid=721668734.1644595591&ga_sid=1644595592&ga_hid=326039548&ga_fc=true&ga_cid=1182487701.1644595591&fws=644%2C132%2C4&ohw=1600%2C1600%2C1500&btvi=-1%7C-1%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e060bee9180a214894253c97e6a1651cdd34a9d8980470b0b7c5cf89e1bde264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17919
x-xss-protection: 0
google-lineitem-id: -1,5918291497,5908729337
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138380780861,138248942967
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wxyz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A60A 6 KB
4 KB 171ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 11 Feb 2022 16:06:32 GMT
expires: Sat, 11 Feb 2023 16:06:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 134ms
57ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50182182afc974ed88a0d8a1c1772881cb6409bd26270ca2d1c104151aa0f800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 16:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9700
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 245ms
151ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 16:06:32 GMT

GET
H3 200 container.html Show response
33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CD49 6 KB
3 KB 145ms
68ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Feb 2022 16:06:32 GMT
expires: Sat, 11 Feb 2023 16:06:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK scripps_wallpaper_driver_v3.js Show response
videoads.ewscloud.com/agency/retention/wallpaper/js/ Frame 2A43 3 KB
3 KB 348ms
92ms Script
application/javascript 18.66.139.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videoads.ewscloud.com/agency/retention/wallpaper/js/scripps_wallpaper_driver_v3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-122.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5e7bdeec32432f86e9a8349a1c2e359270a67e6b3a2b99a4058e2a977ff16a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: xV3Yy3zwRNCozBwOBhgVxeQFeXhU6_Bd
Via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
Last-Modified: Sat, 13 Mar 2021 01:12:33 GMT
Server: AmazonS3
Age: 1734
ETag: "03e4d7fd33600d00fb6034924ed4cd39"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Date: Fri, 11 Feb 2022 15:40:07 GMT
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Content-Length: 2692
X-Amz-Cf-Id: wlEeEq7CYhiZLjOfENi0wgmbwV5fW3Y7Vxjfozsrn-QVXyZDJI2kGA==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A43 124 KB
38 KB 245ms
94ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 16:06:32 GMT

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 431ms
194ms Preflight 18.185.214.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.214.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-214-32.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.wxyz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Feb 2022 16:06:32 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 5E2A 90 KB
24 KB 73ms
73ms Script
application/javascript 2600:9000:223e:ac00:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ac00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff06035c5d58225dd58995f3accc5907de175d5fa77a72e2c63f891c900cd98e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: mR0.ugUzhQrmAjTolsGXItpJqoh71t2o
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 16:30:30 GMT
server: AmazonS3
age: 5557
etag: W/"7d58c0b93d2c2ff0c340e1adaa2b3ad4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 11 Feb 2022 16:01:12 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: zzhQFPAXnoapreEOTt8YxJCSEY18hP5Wp42yd75IY26XP4GsmPPJYQ==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E2A 124 KB
38 KB 346ms
199ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 16:06:32 GMT

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 69ms
69ms XHR
application/json 18.185.214.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.214.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-214-32.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://www.wxyz.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 11 Feb 2022 16:06:33 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

GET
H2 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 5E2A 0
290 B 548ms
345ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=563053
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuAotjFj77CE00TRhupuTUzOD4UWocaRFMLxkzi1K8mUacF6wXbRIMGBKb%2FNpNlncrLJArJwnFlbb8aymc933EM31WcTNpCJ70jdN4D3NBzR%2BbVp172qai%2Fcq6tf2uCq35docjSl619U9ZokVq%2BpCx6e7A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 6dbed337ca3021a5-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FtLG-n-tLGBjkAIACawB

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5E2A 0
0 107ms
107ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaezJm88FcJ0ouNb-jQwnI5lqaC3WPj7Bu89o9aVpMQV-e1jzEpn5xJOtit-ehQKBBVj0HwTMJ2wfPI41QUe6VsC0BE3534BXTFKnAbCMW_vTHkSasEZ0E1gL-Hk2q-N7pIsBWOZ__30jQto_PL_sMDmb_mDlAUGfusRN6rEKDg9WPmk8ayBGfANfC5gYApnoJJu80p5snFi7dmyh9WFXIdmdiQMeaAI9rCHbDtNUXsafUYPqvAFDlqgfdRG4J-yQh3PUaC9bfzjnYpK0Rc0HZeNMdjcZOGXycMhP_8Uvo4lBjDT7IRgGyDXA&sig=Cg0ArKJSzEAzpwluPyWqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 16:06:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 app.js Show response
servedbyadbutler.com/ Frame 5E2A 55 KB
11 KB 357ms
86ms Script
application/javascript 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/app.js
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.97.6 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: cd3699476d188453684876ad11b8813508e578f49a02f4639fed3b3ce8a74a58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:32 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 18:29:00 GMT
server: nginx
etag: W/"61afa7ec-da59"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Fri, 11 Feb 2022 16:36:32 GMT

GET
BLOB 200
OK 9570280f-cc27-4cee-bd7f-c61d680e3081
https://www.wxyz.com/ Frame 5E2A 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.wxyz.com/9570280f-cc27-4cee-bd7f-c61d680e3081
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7c0110c9ba6f4134e3904ba01dc35ba3fbc491381962da9327bfe92c2267f77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6812 13 KB
5 KB 168ms
83ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Feb 2022 15:54:25 GMT
expires: Sat, 11 Feb 2023 15:54:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5CB0 783 B
1 KB 270ms
92ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

794d7be20c2551aa00dce3822b3f38c8e8efc7cd0a86dae7c8f45a62b82535d5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FsNwRb1+x2JvDsPXW/4i8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 11 Feb 2022 16:06:32 GMT
date: Fri, 11 Feb 2022 16:06:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-FsNwRb1+x2JvDsPXW/4i8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame CD49 90 KB
24 KB 98ms
96ms Script
application/javascript 2600:9000:223e:ac00:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ac00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff06035c5d58225dd58995f3accc5907de175d5fa77a72e2c63f891c900cd98e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: mR0.ugUzhQrmAjTolsGXItpJqoh71t2o
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 16:30:30 GMT
server: AmazonS3
age: 5557
etag: W/"7d58c0b93d2c2ff0c340e1adaa2b3ad4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 11 Feb 2022 16:01:12 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: UHFcypqR1tpCrcy3ZLnfOGtvO2qgshRChADwNBvI1W0ZbOyEKxk5Eg==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD49 42 B
63 B 201ms
114ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1UlYd7EkGD6gJ--VUO1TUMJV9wezEb3KCIFmZRnLivOx_cSggI6GVvgAixAyN7ZXgmy35VdPBvVcFmRNso_Pbv2PmEKNe7hrRYudITn7IqfgxY-U

Requested by

Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame CD49 2 KB
1 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 16:01:28 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD49 124 KB
38 KB 186ms
89ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 16:06:32 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame CD49 15 KB
6 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 15:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 15:59:38 GMT

GET
H2 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame CD49 0
610 B 350ms
322ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=901476
Requested by: Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHsfkTmeO59sShe6Zg%2Fw9A1KfvCEM86T34hzNdeoZs51vVicKlLZH1Wu62GFIauv071K13mdZ2zruPJqSH7RHpg6HbbFL0dUapdt72EVlNzWrQEZAybBM2HcOqpsiDebOguTRLqcToJbt1E6Yi4VB9FsIw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 6dbed337ca3621a5-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FtLG-n4ZZMowQ1cGzXcR

GET
BLOB 200
OK 88cf4da9-019f-4bd8-8bf8-97de62657555
https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/ Frame CD49 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/88cf4da9-019f-4bd8-8bf8-97de62657555
Requested by: Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7c0110c9ba6f4134e3904ba01dc35ba3fbc491381962da9327bfe92c2267f77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E4AC 624 B
733 B 266ms
81ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNV7ZUE8naOlWLNpN7tbYIYlW_DhH3GRXEvTTU5h9Lsi2ksYH4c7SHDdwJakA1prKviFwRGoUBkTr6gdfVwwdyQJaiPwDg1plr9yXKBZzsdEBSqndS8ohVsNm0O99Ik_lmr2tcMD56a7o_baJ_C2dzfURd5vd6H_tpaqZJHhe02an1AsPJY

Requested by

Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 11 Feb 2022 16:06:33 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CD49 75 KB
31 KB 312ms
129ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BM7VX9-1dkgKmvbDdorUvhOLnVyJHr3J1PRRfCWjwdM9jn8bvZHTou_XIb3Xx_Hc53wSSJdWYguDw_eyAwOgWdh5XuZAT9X6y_R0_wPYgJU8iBG4iqvwWiCmH8g4zamjzRXc1zE1DoyVcfHAVL3sj-WMcPMw&dbm_d=AKAmf-CMOURSu4-5JFCSyE-ilL_gTMeTBMJi7Nms0cYFJVTIJHI2i7NVRoZl6NxTc45QtJmUmpdbS6d9IqLhIb0ZYb6EHkXBJlvdCwt4WKbkQrQLa5HcHbKECbtpFylZnKp3J_Ipq8IXClsYjJFK_ozqJFP5XxdaHQS9NifPx1MYUCU85laBZRxSabOzQaMqfx7SPLndmR6lBi0F91-3kTDwscvZ4E-BG5kzyhSkJQYacEzzKaEHrHnFPMfFWzEyrfr_6W4R9nfl6HgZxvNq3lVLq9pIOaa1oFAs1SWTyhlXATYwnHwzu6axrK23MfTNijPvHdccVNcf8curuQWA7272k7a2JhwU_bQoerHB70lWoTHz9RmktXLOM1Oq7PXmNSCC5bYUZAmIXx9DgkGX0DtXqmGfw7gx8KCBqmnqear-kd1p1mMq2nkzCZFRDNdGbtuChZdRzQrelMnEQmYw2_CvFhXBiPv-MOGLRjnGWvV8e7NcUJz73As5l4DexPCAwAST-PO1BlnvLpUCEpixf2RA7qGeR17n4qTUCDzJCd6XveBre97D2Ye4RDyNthrgR1SV-iMYYrbYbcdpUkCYMZ5HImBHGHMe7yQaeewZC129ncZjovuUFS28kSoV5pXGqQ3bbtH7b0t27FP2KSE_9THxvzIjpx1kW_B8OjRrxHXigaqLw4C8OGTuifbXrHi0oZTftbgWIr1U9BVr8okdGV0bXKnHh_LNz5m8PJKJKK-DXNAlIlDc-gyWjtNrislWQ0bvJnnGwvBI3YqxzDRXIeOpAK2kn7eW7laqAllk93fQzLhJx0LHNDjMDv7j994waaeOnnwGAadZ38fKUOdeIZDhtQj6O-p4OLPUvOcm1AQriBqFyAI54vK5Airm-LIu0lxq0goti1EpfwZkQQi8546oU01n7CwkpaV4cIKu4QvgD6OmyYzYoJKr3huZXc70YskQnXI3pkg23TCcTzKhKVlzMz0X38AL9Al6O6nbPkX2-NtQzFkglfxWiyiI3YaENyZQeYkpdzGZFhdVsmYLN3CFfZD_J8-cJ4MEK9AI4FkRfCbbeSECmliOoWjLjRs9McL177Zt2fduLfYFOQzBVTA4xOPdXbqr9tM_ywqBskxDy6elng7JQBA4B1GzSljD9aKogOffHSyamkKNel9RhknNdEePFbQByxSD1aXp_5xXr8rQe9D_T7BLqHnS9tuwEG62kgHM4wFVco5TweUg5fESDUuqfamwDg_88bW3Iu6fYeQllX6ECvNjqk-kajrvVfo5uvOfDu_CW7h0qvigBigPN1R4NaX1dVZPRfJM9ouVC80dJkkEiAR09tDLsXjQnaWB4LQVUIEAXguqzvi1o4SqaowvUfsB7P3S5ea9jhBCraVL5jjz0yAUqagBm2lWgtjIZNUOOokzi3d7MGxkCRpEFn5d_vHsIPzyW5IYYRHdKyrdx6h5_YlXj25YhOn5oXzGpD_zOToKXlLrwGIi1QMw8XfSRvHQYTqjvSU2m30KYtE3VGZj2wWzdPITMoKhpqGNc1FH0Z2onqp8dGrSBfpZB566jRHk4hlM6Fpy9hZk8GUamzS636TqB4-1INKjGdxD7MHRnQyGliHZZ2zWiOJnUutIus3FytfghCWQ266Y10R4bu8HszFrj8jiqhFhDic3c7j4pRKPzR97Gs56iDouET1VJFwArCi-pmxUWnKz5-A5dpgeZpC-K_VU9BUp6TVzpNcbRi7hMMZOY1cwnwuPnF26fak0JxWORyDGhC3V5UJmoMAHrdxg422r5_9gVQ82_dvAIWYVTE9o7XX_QZY8PY2oR5LgZrXZToMIvDptkekoRnJy7JLPDZPlqiIabwv5jdSwYgCrdsJjrMIq7WuHZdA7VYpoXAi5VrT6c5aoWPGQHfSCOODpD6F2TpF6qHYLJ_ySPIpzawHUefY80KMF0srNvz1etb54OO8Hd_LXxyBfzYmrpUmrUYNxoY36cKAd4smYLig4cz1odZaScnB4f0kPbalCvtguXM5EIgjSsFsHmVkkey1EbmIM7pMn9dVOWlY4cx6mxIOahD0atXpLT00WyzJEE-H-lqRygA-_lYc-5j9a_lHZp5civW4RjrBMMd07PRcocG_GIpzKzMHPpB31f5ajuxQocsqsk0fHYcu9S_H5-tVt5Haq2cTu6fXzpDj_h6HiUrJSQbehTrVvxhuAS0I5qZ7oXR-FGtBD3UFJ76xwUgYYhAwFrHw3sbfMXAAFPxvtBfhLrYSp0RcCtMdTwWp6FWuVm2q7X8eTPyJ15FzWo3mWlAuez36_Ros-7xISOj1hw9XbiJhoGnmvMmjsRUN9Yac6AiYmdVlln0GwJJMUXHcUXNN81wu4Kj4t6CH_NCUzMy-YrPKnES32DvAvScjfDExp-MwOcbyrchS7UD4a99TP7geeqaHULrObw0jQEFpsiWcupBCyFCgnbFQrGualxeSoqbTFCSOM9MGbJ24wWC71Ejqljl6piqrH7zj70PBoC9K9ESBawP6Q0koMe0uZ13p4ohZEjgl8tZlQ8O9Or7Juv17udvAc-yDu8Ezi84Gcm3FkRSj72lXtPYiLXJwbIo3xg9Wud15YWrrSKIWzeJWaQLX6Pijl8LtEJUo9j9mOfc34goqo_DRYlUeMsHo_oxPF6LeG9gYmcjv7KU-e5J9-T-3md1m8Sz3ldxVysqOeZ4Lj2LnP7U5J_QLrePLU310PkRs6yc9erNF3pid5JIGApcmyOlee8VU5Go43jdm0V5Cc0qUcQ82NJCSaaXY2DZ34K5mw4m4ExBQOwGz8o1aFK1UoZcrmaYjR1cLIG85KgZBBO26Zv9JjMhuS6yylJa2zispIpAjX2Z6phAfbQY9UwSEehyliWsV7uXu2nomJnBW1YhkH_sNxEJjWTIhrFtlaOYYRCU4vZrfB9qtOgFDmfmsV28_DB3J0d6G1hOvkWBsyurke5pebGtoseX0gyPUGhI44pw6u8c6_fYwIs2u9ph3y3BbgMQ1ofK_r51ylzz0l96puPkWwJ1D-rDzqJtnTeptVVqs9VbJCB4-XaaPTd-2tOcN-XXN77uQphGUKqjO6xSYTVip6Q10HRWvHKD2LQIiNMaQumDnwGUg7b2NLcWQdoDkbhhTB7CFioJSIlPJ3WD6tGj3TnMhzDihLSscKRZiDWU7cETpUv2z0ifk&cid=CAASEuRoBxoHL4MLWB5mzGCUujmOuA&rfl=1%2Chttps%253A%252F%252Fwww.wxyz.com%252F%240

Requested by

Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

339e03bed3dd4b55e81eaa35c0aca8726c147d68b9f76080b4d94d78c4c34d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31943
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6812 35 KB
13 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 15:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13545
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 15:22:30 GMT

GET
H/1.1 200
OK 51366_WXYZ_Chevy_Blazer_1920x1400.jpg
videoads.ewscloud.com/agency/dca_projects/50000_52000/51366_WXYZ_Chevy/ 289 KB
289 KB 458ms
457ms Image
image/jpeg 18.66.139.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videoads.ewscloud.com/agency/dca_projects/50000_52000/51366_WXYZ_Chevy/51366_WXYZ_Chevy_Blazer_1920x1400.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-122.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96fe26b367fd26cef67f5a9bf16e5ae7337f36bd142a0206b72a773f876addf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: Ejx_f4cRQwRAnH4gnWyujba7Gz6t92HB
Via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 Feb 2022 18:02:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P4
ETag: "db378da538c2a7ce5fe8f403b7f9ac8e"
X-Cache: RefreshHit from cloudfront
Content-Type: image/jpeg
Date: Fri, 11 Feb 2022 16:06:34 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 295472
X-Amz-Cf-Id: 2lGeWDQy0flSQypQ9DV96uF0W3yzwSMBHHom4PZdwfm6AcOLI-G53w==

GET
DATA 200
OK truncated
/ Frame 2A43 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80c09a1e2d901cfff75823e1f864eff75b2bdc6fad4d20fa8e7c13e74a559692

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2A43 0
0 115ms
114ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvYf8_pJuaCYK_jUcbSU7rf5M00g6SEWGq9pOs6VGFFzw9xGEjFnlMUOEdre6ACwQp2liDR4zoapK2zCG-wn_ifiqOrUG1f1ZVIsCimeRpz28uEaQe1CjoUdomICvnMYQ-t42RA9dEQP37TrZdTDesjcz1E6PPgqg1TV0be6Fk3HXcrjUPaisAaJkhrMJx3L8n5EPr7ONYMgaYmOzgOwvSThf6dS4izjKxf0q47sPP7NjP0lsFlCzLQB2SlhJ4jXCrLWuSiQAVJfOjQTnxZ48tijpEWcdHc8sq1DiHUfiZgMaMFGFp1nMfA9gFhg&sig=Cg0ArKJSzHIoB5IIj3oqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 16:06:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 11 Feb 2022 16:06:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5CB0 0
0 110ms
110ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021001&jk=1190167126568333&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5E2A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e805744df6275c5ed9793ad33d1a2d5abef55b908203ab16f69e934c921cd64c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 click Show response
servedbyadbutler.com/adserve/;ID=167898;size=300x250;setID=204964;type=async;domid=placement_204964_0;place=0;pid=6910458;sw=1600;sh=1200;spr=1;rnd=6910458;click=https://adclick.g.doubleclick.net/pcs/ Frame 5E2A 1 KB
2 KB 104ms
104ms Script
application/x-javascript 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=167898;size=300x250;setID=204964;type=async;domid=placement_204964_0;place=0;pid=6910458;sw=1600;sh=1200;spr=1;rnd=6910458;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvmBg4uHLtO9j5sBvJgFWRWQ_zGtulM9byEyo0rYbE1bhb-Uky0E9cjnlHk05E3tEuqvShedK-x1fA9NLccz6VgykDZLgLabZo-kfqXIEalX4_0-K7ttvpiGCxO6ZkHnZp6eyjozV7FE1TGkLa_5IkRmcs9_68cV7qufG6LIfM3kD_mI40esk3sqDiEqkrSyXUR7jaeoNlgn4jq1hFJ4I4SpihswDR2JqjbjQvOYowiYWC3r365hN62CSEbzmujmhDkTsz0dv4ALbu9MdM_FRYCGx7y51H_-CGP9SVdhEAfm-drrc1vgys&sig=Cg0ArKJSzMH5IPhernE-EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.97.6 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 7eb4f1e21dee1cae9e03b97e51e2929a146e95ca1c82f3c314d9ed4645f01dc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:33 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET generate_204
tpc.googlesyndication.com/ Frame 6812 0
0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E4AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIFkwz8NDYrAcreyjBlvUTQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIFkwz8NDYrAcreyjBlvUTQ&google_cver=1&C=1

43 B
1014 B

56ms
56ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIFkwz8NDYrAcreyjBlvUTQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNV7ZUE8naOlWLNpN7tbYIYlW_DhH3GRXEvTTU5h9Lsi2ksYH4c7SHDdwJakA1prKviFwRGoUBkTr6gdfVwwdyQJaiPwDg1plr9yXKBZzsdEBSqndS8ohVsNm0O99Ik_lmr2tcMD56a7o_baJ_C2dzfURd5vd6H_tpaqZJHhe02an1AsPJY
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:33 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Feb 2022 16:06:33 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIFkwz8NDYrAcreyjBlvUTQ&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 11 Feb 2022 16:06:33 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E4AC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgaJichptJx6.-zV-ky1pgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIFkwz8NDYrAcreyjBlvUTQ&google_cver=1&google_hm=2

43 B
894 B

58ms
58ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIFkwz8NDYrAcreyjBlvUTQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNV7ZUE8naOlWLNpN7tbYIYlW_DhH3GRXEvTTU5h9Lsi2ksYH4c7SHDdwJakA1prKviFwRGoUBkTr6gdfVwwdyQJaiPwDg1plr9yXKBZzsdEBSqndS8ohVsNm0O99Ik_lmr2tcMD56a7o_baJ_C2dzfURd5vd6H_tpaqZJHhe02an1AsPJY
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:33 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Feb 2022 16:06:33 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIFkwz8NDYrAcreyjBlvUTQ&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame E4AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMu8TmKn0gK3qFJThzwhL6E&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMu8TmKn0gK3qFJThzwhL6E%26google_cver%3D1

43 B
1 KB

41ms
41ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMu8TmKn0gK3qFJThzwhL6E%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNV7ZUE8naOlWLNpN7tbYIYlW_DhH3GRXEvTTU5h9Lsi2ksYH4c7SHDdwJakA1prKviFwRGoUBkTr6gdfVwwdyQJaiPwDg1plr9yXKBZzsdEBSqndS8ohVsNm0O99Ik_lmr2tcMD56a7o_baJ_C2dzfURd5vd6H_tpaqZJHhe02an1AsPJY

Protocol

HTTP/1.1

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:33 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9e339c9f-87f4-4f57-9c25-0c57a0f8879d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:33 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 63b7a70d-939b-4e16-b558-2d3ec0a3a77f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMu8TmKn0gK3qFJThzwhL6E%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E4AC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzExMTQzOTc5NDg0MDU5NjU4NQ%3D%3D

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzExMTQzOTc5NDg0MDU5NjU4NQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:33 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 819e636b-6cff-4201-b4af-60dc43ca275b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzExMTQzOTc5NDg0MDU5NjU4NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 89ms
88ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021001&jk=1190167126568333&bg=!Q0ClQATNAAbAtJCDwLQ7ACkAdvg8WslQqKylwzc-DqGw7rBtlJRrnEaMH5KCVb-dkStP5zSLXZWEgAIAAAChUgAAAAJoAQeZArHGqULvBoNMJ_3v4MejXpTFZ9gHEB8VpQtebkRdqM5G8lHnKt9_Y2T4TqQsECfYcXqmeKuPLVVXMu861Zf4_zrCl9CEsuPwQzbQereOMWm-IaRmIO_5d5T0Mnpbqs8EPOzSVojPJLX8hS2mmqvN_Ci2Tdk8YLrIkIFir89zc_T6kkt0y0997Ex5BmU4cm3aIWiNohIV0UeEJ-oARNvgEiGPCwWY4l6AI1nkCVMd2n1ya_aCjZlXgQ_X6huQntiXnCVqv9SIhJMWFyZlnFvAo-sXgLzdn2samq6dNy8OMLyKmN0dfz0Pe_RqBg4kQUtp_Jvp9IdoBR2yYJeaZ3f-5KyaWSKz0l1CiJjf8NAFFPPNcO8pYQ6d3tDNh04NSX-1VZUi6EQd5hkYlOctvJPoNy180r6xyKPXlsyvqkF5SJBLGtJZV8KKB7VOUabuukQVhsZx8Q0vIS1qn9H0e_fKNJCQ-wfwJvI__VFL1k9n_HmU54RXdVZohEzEQ3gejCaY8A0btUYDDeHDvRZSWCf1-nCLdkmwgeBNOVs2BjUSrW3hoVItLgqIIiRZjhNk5lU3g1QP2JKNYOihqf8UqW9skODJcKQfzcucjdudm7ueopps8dVUiabZGiH6FjE9YJPVqC0wk2JdNTYZwJ4BTpQG4MqXj5NWG_qdVr2kO_Ynde3b_ibUn3vjSXu9YvyIhGcjPVfbpb2lq4UQUVe3nf_hM-O1lTjaS62NcQOLRCpOdqKYVU24sdVnn6hxT8sXaSYQeU8QwCF9DdrxT0AAVVgSSD5rbPGYHL3Yj19ixRWg4MzYGSfz8hTso-oZVs8GNR42OFiImZQuKOemQh2XZxlyXKHp_nAslDr1KlSfM0kBuOwcgtDfxBpCx7JToRTsN15aeGg6KtObmPFyOjXeYKmiGp8xtQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ;libID=3365872
servedbyadbutler.com/getad.img/ Frame 5E2A 30 KB
31 KB 73ms
72ms Image
image/jpeg 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=3365872
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.97.6 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 29c74708cc7b3cb6d5ef57377e2145055a1c171c3787c63e82b0651a346d31e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:33 GMT
last-modified: Fri, 04 Feb 2022 15:52:34 GMT
server: nginx
etag: "61fd4bc2-798b"
content-type: image/jpeg
access-control-allow-origin: https://www.wxyz.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="blazer_300x250_feb2022.jpg"
accept-ranges: bytes
content-length: 31115
expires: Sat, 11 Feb 2023 08:06:33 PST

GET
H2 200 ;ID=167898;size=1x1;type=pixel;setID=204964;plid=1718498;BID=519703684;place=0;wt=1644595603;rnd=15002;v=0
servedbyadbutler.com/adserve/ Frame 5E2A 43 B
325 B 124ms
123ms Image
image/gif 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/adserve/;ID=167898;size=1x1;type=pixel;setID=204964;plid=1718498;BID=519703684;place=0;wt=1644595603;rnd=15002;v=0
Requested by: Host: www.wxyz.com
URL: https://www.wxyz.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.97.6 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:33 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-disposition: filename="blank.gif"
content-type: image/gif;charset=utf-8
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame CD49 106 KB
38 KB 178ms
44ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
Origin: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 10:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Feb 2022 10:06:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/ Frame CD49 8 KB
3 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BM7VX9-1dkgKmvbDdorUvhOLnVyJHr3J1PRRfCWjwdM9jn8bvZHTou_XIb3Xx_Hc53wSSJdWYguDw_eyAwOgWdh5XuZAT9X6y_R0_wPYgJU8iBG4iqvwWiCmH8g4zamjzRXc1zE1DoyVcfHAVL3sj-WMcPMw&dbm_d=AKAmf-CMOURSu4-5JFCSyE-ilL_gTMeTBMJi7Nms0cYFJVTIJHI2i7NVRoZl6NxTc45QtJmUmpdbS6d9IqLhIb0ZYb6EHkXBJlvdCwt4WKbkQrQLa5HcHbKECbtpFylZnKp3J_Ipq8IXClsYjJFK_ozqJFP5XxdaHQS9NifPx1MYUCU85laBZRxSabOzQaMqfx7SPLndmR6lBi0F91-3kTDwscvZ4E-BG5kzyhSkJQYacEzzKaEHrHnFPMfFWzEyrfr_6W4R9nfl6HgZxvNq3lVLq9pIOaa1oFAs1SWTyhlXATYwnHwzu6axrK23MfTNijPvHdccVNcf8curuQWA7272k7a2JhwU_bQoerHB70lWoTHz9RmktXLOM1Oq7PXmNSCC5bYUZAmIXx9DgkGX0DtXqmGfw7gx8KCBqmnqear-kd1p1mMq2nkzCZFRDNdGbtuChZdRzQrelMnEQmYw2_CvFhXBiPv-MOGLRjnGWvV8e7NcUJz73As5l4DexPCAwAST-PO1BlnvLpUCEpixf2RA7qGeR17n4qTUCDzJCd6XveBre97D2Ye4RDyNthrgR1SV-iMYYrbYbcdpUkCYMZ5HImBHGHMe7yQaeewZC129ncZjovuUFS28kSoV5pXGqQ3bbtH7b0t27FP2KSE_9THxvzIjpx1kW_B8OjRrxHXigaqLw4C8OGTuifbXrHi0oZTftbgWIr1U9BVr8okdGV0bXKnHh_LNz5m8PJKJKK-DXNAlIlDc-gyWjtNrislWQ0bvJnnGwvBI3YqxzDRXIeOpAK2kn7eW7laqAllk93fQzLhJx0LHNDjMDv7j994waaeOnnwGAadZ38fKUOdeIZDhtQj6O-p4OLPUvOcm1AQriBqFyAI54vK5Airm-LIu0lxq0goti1EpfwZkQQi8546oU01n7CwkpaV4cIKu4QvgD6OmyYzYoJKr3huZXc70YskQnXI3pkg23TCcTzKhKVlzMz0X38AL9Al6O6nbPkX2-NtQzFkglfxWiyiI3YaENyZQeYkpdzGZFhdVsmYLN3CFfZD_J8-cJ4MEK9AI4FkRfCbbeSECmliOoWjLjRs9McL177Zt2fduLfYFOQzBVTA4xOPdXbqr9tM_ywqBskxDy6elng7JQBA4B1GzSljD9aKogOffHSyamkKNel9RhknNdEePFbQByxSD1aXp_5xXr8rQe9D_T7BLqHnS9tuwEG62kgHM4wFVco5TweUg5fESDUuqfamwDg_88bW3Iu6fYeQllX6ECvNjqk-kajrvVfo5uvOfDu_CW7h0qvigBigPN1R4NaX1dVZPRfJM9ouVC80dJkkEiAR09tDLsXjQnaWB4LQVUIEAXguqzvi1o4SqaowvUfsB7P3S5ea9jhBCraVL5jjz0yAUqagBm2lWgtjIZNUOOokzi3d7MGxkCRpEFn5d_vHsIPzyW5IYYRHdKyrdx6h5_YlXj25YhOn5oXzGpD_zOToKXlLrwGIi1QMw8XfSRvHQYTqjvSU2m30KYtE3VGZj2wWzdPITMoKhpqGNc1FH0Z2onqp8dGrSBfpZB566jRHk4hlM6Fpy9hZk8GUamzS636TqB4-1INKjGdxD7MHRnQyGliHZZ2zWiOJnUutIus3FytfghCWQ266Y10R4bu8HszFrj8jiqhFhDic3c7j4pRKPzR97Gs56iDouET1VJFwArCi-pmxUWnKz5-A5dpgeZpC-K_VU9BUp6TVzpNcbRi7hMMZOY1cwnwuPnF26fak0JxWORyDGhC3V5UJmoMAHrdxg422r5_9gVQ82_dvAIWYVTE9o7XX_QZY8PY2oR5LgZrXZToMIvDptkekoRnJy7JLPDZPlqiIabwv5jdSwYgCrdsJjrMIq7WuHZdA7VYpoXAi5VrT6c5aoWPGQHfSCOODpD6F2TpF6qHYLJ_ySPIpzawHUefY80KMF0srNvz1etb54OO8Hd_LXxyBfzYmrpUmrUYNxoY36cKAd4smYLig4cz1odZaScnB4f0kPbalCvtguXM5EIgjSsFsHmVkkey1EbmIM7pMn9dVOWlY4cx6mxIOahD0atXpLT00WyzJEE-H-lqRygA-_lYc-5j9a_lHZp5civW4RjrBMMd07PRcocG_GIpzKzMHPpB31f5ajuxQocsqsk0fHYcu9S_H5-tVt5Haq2cTu6fXzpDj_h6HiUrJSQbehTrVvxhuAS0I5qZ7oXR-FGtBD3UFJ76xwUgYYhAwFrHw3sbfMXAAFPxvtBfhLrYSp0RcCtMdTwWp6FWuVm2q7X8eTPyJ15FzWo3mWlAuez36_Ros-7xISOj1hw9XbiJhoGnmvMmjsRUN9Yac6AiYmdVlln0GwJJMUXHcUXNN81wu4Kj4t6CH_NCUzMy-YrPKnES32DvAvScjfDExp-MwOcbyrchS7UD4a99TP7geeqaHULrObw0jQEFpsiWcupBCyFCgnbFQrGualxeSoqbTFCSOM9MGbJ24wWC71Ejqljl6piqrH7zj70PBoC9K9ESBawP6Q0koMe0uZ13p4ohZEjgl8tZlQ8O9Or7Juv17udvAc-yDu8Ezi84Gcm3FkRSj72lXtPYiLXJwbIo3xg9Wud15YWrrSKIWzeJWaQLX6Pijl8LtEJUo9j9mOfc34goqo_DRYlUeMsHo_oxPF6LeG9gYmcjv7KU-e5J9-T-3md1m8Sz3ldxVysqOeZ4Lj2LnP7U5J_QLrePLU310PkRs6yc9erNF3pid5JIGApcmyOlee8VU5Go43jdm0V5Cc0qUcQ82NJCSaaXY2DZ34K5mw4m4ExBQOwGz8o1aFK1UoZcrmaYjR1cLIG85KgZBBO26Zv9JjMhuS6yylJa2zispIpAjX2Z6phAfbQY9UwSEehyliWsV7uXu2nomJnBW1YhkH_sNxEJjWTIhrFtlaOYYRCU4vZrfB9qtOgFDmfmsV28_DB3J0d6G1hOvkWBsyurke5pebGtoseX0gyPUGhI44pw6u8c6_fYwIs2u9ph3y3BbgMQ1ofK_r51ylzz0l96puPkWwJ1D-rDzqJtnTeptVVqs9VbJCB4-XaaPTd-2tOcN-XXN77uQphGUKqjO6xSYTVip6Q10HRWvHKD2LQIiNMaQumDnwGUg7b2NLcWQdoDkbhhTB7CFioJSIlPJ3WD6tGj3TnMhzDihLSscKRZiDWU7cETpUv2z0ifk&cid=CAASEuRoBxoHL4MLWB5mzGCUujmOuA&rfl=1%2Chttps%253A%252F%252Fwww.wxyz.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 16:06:20 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame CD49 24 KB
9 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

406dae81a8e95037a3bca53ca771f446df097cf86084d76de62fd308e2bf32a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9577
x-xss-protection: 0
server: cafe
etag: 11201793935764353180
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 16:05:31 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CD49 41 KB
15 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 17:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Feb 2023 17:40:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0623 1 KB
749 B 45ms
45ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Fri, 11 Feb 2022 05:53:44 GMT
expires: Sat, 12 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 36769
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CD49 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22af1f820f089b880060fa7caab3962749e9e296a2baff4ce8948118bc8b3032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5E2A 0
0 79ms
78ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvoUMtmmjz_nfBiCEZFekxREoZNCicbtt_ENeobWYZAu2XA3FR6D-0f4kaLAaMAfrW_5iKIdOY7Yuctw05RsFgXPooWg8UfAYTxzI3qjjwyRdfywA32VomC6503gWfL0q7nI-3dayX0Aho6GdGGXAQnovXFt0pF8dOUvzp60OJGt68v1YkQ1S_6QWdO8xseA9MqB6CMfFb__MD3dZd5fX_zRNY3gvRtlB2abrL39yibSzCok8u6ZfHn-kTuKB095nHkBT98x7DV43_otAC9TXG9sZnGBW-wY_Y5uuCWm3Nn0LbS1fp6Qbv7MgXiA&sig=Cg0ArKJSzM1mdAh-yi1bEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 16:06:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 11 Feb 2022 16:06:33 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7630 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 14:25:50 GMT
expires: Fri, 10 Feb 2023 14:25:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 92443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET /
google2waycm.netmng.com/cm/ Frame 0623 0
0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0623 0
191 B 200ms
64ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEC9A_51tSng017IZ0bpXRHg&google_cver=1&google_push=AYg5qPIQsNPBrwVch_OJy9z7GFuPsslIgYBr1RKkSm2TDbq9xuFMXpTeceAGN83dxNdVq33HddW6PkrRQ7Q-Z5ATKncvVU2GTA
Requested by: Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:32 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0623
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBV0Fb60t0V_JXb8gqsqvpU&google_cver=1&google_push=AYg5qPLVWTmFzo8-NAgsixyzNK9wKrIl1iAwEGBlkCkFzsRahUgEVi0q5Os5Bmu7nMeNHFDtT_zoig8HY_O...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLVWTmFzo8-NAgsixyzNK9wKrIl1iAwEGBlkCkFzsRahUgEVi0q5Os5Bmu7nMeNHFDtT_zoig8HY_Og9D7FOBbWRAH1jms&google_hm=n5LTamLhTZ-xjLTcVqKQtwU

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLVWTmFzo8-NAgsixyzNK9wKrIl1iAwEGBlkCkFzsRahUgEVi0q5Os5Bmu7nMeNHFDtT_zoig8HY_Og9D7FOBbWRAH1jms&google_hm=n5LTamLhTZ-xjLTcVqKQtwU

Requested by

Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:33 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLVWTmFzo8-NAgsixyzNK9wKrIl1iAwEGBlkCkFzsRahUgEVi0q5Os5Bmu7nMeNHFDtT_zoig8HY_Og9D7FOBbWRAH1jms&google_hm=n5LTamLhTZ-xjLTcVqKQtwU
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 0623 0
173 B 125ms
44ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJcEqQ1MQeGRu99qxnYVfaY&google_cver=1&google_push=AYg5qPKzl3WvjJKsKvR2B5thyEiEUgZdGBsX9AMcS97rcFiQXPS3Qhp1XJraBWdBOZS_Ah_d3gwx7Ux3t56xWxcQNXBOr2FjYZw
Requested by: Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 403
Forbidden gg_pixel
sync.adaptv.advertising.com/ Frame 0623 14 B
14 B 672ms
113ms Image
text/plain 54.156.164.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEFQ785hXhn3Zuw-dZ2kK7pY&google_cver=1&google_push=AYg5qPLWUXh3gE-385KN_PhHwjM1Scrs2lA599sGboH5PA7BOMjJiWSuwjBVAFQ0423d7wa6dkbzBYNc0AfuLtvRWW3fXSk76RU
Requested by: Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.164.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-164-26.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: 0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Server: ribs2.0
Connection: keep-alive
Content-Length: 14
Content-Type: text/plain

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 0623 43 B
586 B 139ms
50ms Image
image/gif 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEFCYATFYNPy6EyxJYtwH8Bo&google_cver=1&google_push=AYg5qPLNj9JsTPhULb5nXL6YPBFMhruhz_8nOor7o61985DLwXkNCw5-0YrxDGMZVJwEeJui281hdbq_aRktBvbaqoO8eofnZKs

Requested by

Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Feb 2022 16:06:33 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0623
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOPCmcweOa7Aadncryh9y04&google_cver=1&google_push=AYg5qPLZ14W7_L6BDBSZuRlJmLv7qlCAmSMqZHsn1IF4-DK6sNIchAXK3nBDsP3WXLJXlZX4l9sU-bwk...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOPCmcweOa7Aadncryh9y04&google_cver=1&google_push=AYg5qPLZ14W7_L6BDBSZuRlJmLv7qlCAmSMqZHsn1IF4-DK6sNIchAXK3nBDsP3WXLJXlZX4l9s...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE0NDc0MTQ4MTA1OTUzNTMzOQ&google_push=AYg5qPLZ14W7_L6BDBSZuRlJmLv7qlCAmSMqZHsn1IF4-DK6sNIchAXK3nBDsP3WXLJXlZX4l9sU-b...

170 B
188 B

55ms
54ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE0NDc0MTQ4MTA1OTUzNTMzOQ&google_push=AYg5qPLZ14W7_L6BDBSZuRlJmLv7qlCAmSMqZHsn1IF4-DK6sNIchAXK3nBDsP3WXLJXlZX4l9sU-bwkcbywfQL1K_jf_vQZfco

Requested by

Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:33 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE0NDc0MTQ4MTA1OTUzNTMzOQ&google_push=AYg5qPLZ14W7_L6BDBSZuRlJmLv7qlCAmSMqZHsn1IF4-DK6sNIchAXK3nBDsP3WXLJXlZX4l9sU-bwkcbywfQL1K_jf_vQZfco
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0623 0
12 B 134ms
46ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IRBGxeHbT_U0G5ur3cP6l-Z0UrPtfX5L7Qw5iyJLsmX90836idHFbLxqrYmOmaHQE7XlVq

Requested by

Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7630 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 15:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13545
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 15:22:30 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 4284 261 KB
31 KB 94ms
49ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3630430972408758272/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b6c5c61d31d9a294660a1999928903900aadb1eda143065f81b59e3c4770cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 31830
date: Fri, 11 Feb 2022 13:52:42 GMT
expires: Sat, 11 Feb 2023 13:52:42 GMT
cache-control: public, max-age=31536000
age: 8031
last-modified: Thu, 20 Jan 2022 15:37:33 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CD49 0
571 B 221ms
117ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPc31f-ahk7q4y1MwlcE4djDbqYxRTc3OmfWZJz3JqGRPmO8ib8TMEQbk0hG_katVt7ONB-wObqqrGCSl4oHOjEMxXgkjF4NiQa43ctVaDcpjPxbdgsVq46kSZl55C9ZuEGJ6huKEkJjNN-2FKltajHeu8zeL9p68SfVMlpOUA8W9hWkO5cM_9e4bR0aZlw7vdC-hGF8jAH1OHAD-9x2AvJrRpXakSrov9X-8iuddlupEbXVIjyS28gkGLn-OztNZZtV3BhD82UF8UEXE9WgAip1HT4imBnIJu8MVrrWeP_Kciwnu5xEveSYm4VCNVGpChMhIphgKgMtc-RzFulopu9CLzm0lsPNGUhKiu0dDWWJK4G2AvCAKEHO8QMPagcDLLZa8ZjURsDJjLveR9xw9wj29-vXBm1zvSEQT1EmfLfF8f-gXMbHxj-ACu8YzuHwJLqo0OUwhmzojEvE1Vi0P8IBLMdUlyDwSc0q1JV1pHsYxOtmZVYNtSWyRa5uM-3CdaBCEjeLAIzEglHYh97PpOwyoIvHikQHaOXKUahaMy6-JHGePPUs_82kN1PR4XaY-EtWzFognu0GgHABCg8PpsnEwtmAtPgd1P6jnLqAbJuE3n_z7Ky4Y-Xdr9fkTlrJmBSa-KHQ5eiTCmZSkk1wY_PhcP-NuURL9xML4xEfPf1Y29LwN85dcd8ptOr7wuTCQ3XVO7Gb0AX1AvtczwAzaBtLzUjW5TbIok6ZUHWB0fv8JD7khpr6ZmfxmJRZV8jDYraUrSF1Fusvb_E-buPRU8eUQn0OltKHXDrZwXgHx4wL8Cmeyit4u9Y31OJDTqtjE__FVGRqHj3qDxj-6Rb9U67MGoDVM6kZn6XQlVIxOOPQMyIXCVOPOcyQ-nLX7C-SEzUeIoV1z8-W7k9b-TGcbf2u3RTh89dlZkFbPe0DBVyXakUDAkrFsKOnvGER2JPiTS7lDWb3a8zRSZWi4y972ttbwyJzs-sos1ZYoqewFoxqPH0PDiDRgXflzViY0_uEaYUq7sOMp6IbA7uTZYXAbqDCxsX8_xgk48r8WDI2lb4aS-eA6-GixBaMradokID9KMsdTb3V_-wruTSJRk78rzYYI7uhp_te60uFws9UEje0M3S0NddvMlboMOGBS8bcStk2Wdm7eZss3LkS4tcQyntGiOtBHOksweOuPF9diQd0wELYW0jD_VC3Sb84xqOGexb1U4lilrS9JevOV64QTNOvPk5CpRHuBDvg&sai=AMfl-YSH2lO3b2z7IhpAcvxj9WaBA2KTVX_t5Rhar2yWU__AI3wb4Kme61i3M0snCPA540CsR4evWA59eIoDOf8lLVRnzmEKhJhNn_FHccKuHD5_BfEIZN1WFOkNYucvAJwR3AI9pdnPzZJZ5hBqxtSg-e1xXRvSFw&sig=Cg0ArKJSzOB45k3ur4SfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=252&cbvp=1&cstd=249&cisv=r20220209.54588&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 11 Feb 2022 16:06:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 4284 29 KB
10 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Feb 2022 12:53:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7630 0
20 B 67ms
67ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6GBaiYkGYqfTBZ6L3wPay4HgDQAAAAA4AeAEAg&bg=!lJell9PNAAbAtJCDwLQ7ACkAdvg8WtYzD7vJ_BkpCBXWbxus4Ylc6UF4fSj_NnWIMowxHNi6UdOAvQIAAABjUgAAAAFoAQeZAwbawvh0paKKXj6XWO1scahe_XzE3TpbsNXz1ei322oTa4VM7lUlTN-W3t2E7KLiviakkZYEk_t0Ls_uTwKw6jLqEJxuikXSpVi0frGmGAgh-Wo3XaR4870XqpGx3VJmoGCLjic5oLtDtsrnfZsuX_16onxQnexiRveUwmoXOya76zhSzCAZjt5lbFCMaVNxo0J_pD90kjt4uFh9ITdPpgudAF2gosNu9ogPiUD-iXehhM9EVx0VZyPVOkLwB8lTsz6LX6ZAsy8Bqqi2YLw3mSQUShvrrDjKYWPawh5h4j6blut97pZ0X6GeUDJlQl7aG8RatgU3XyWsvjMHyzy-aylycDkd9LXn6zToARw1LweskTvb97ELzoLftz7pEe9SR13C-shafSnr6ywwi26KD92BSN5gIg-yzoD2CqSI4zBVvUXt2SkUEEAzOqiw433nkxKxpdurrZgTnfj8_9aQr6kIsIXoNRoPlqVvzK-25koy9vF-pjXgPQmrr929LfpK7mvygSZS9O_qSB5km_eKktyClwccCJ2olnAcFuC1D8Zhl4v__-HFcjDqMzy9U4P4ZwYn3kz6N-0WauuBAr7QawcmHcJabaixdMklVgVyXkeSGu8P6cuHtaEji0cijpcOTnll1SfZaC2thQjE53EVSjzSWjxTXLkSwGJL8azABJUPjYPcz3f3LfKkF9f7BLchl0iOZrk_fB7bqZGOqe0qnWM6fTNlIkJ1B6f4RFozQOaQIOhiSUqvXHcUR0jgBSX32CfHILNLZYpVWsjjON3UUM-GjBQaAmw7dWMxo6z0mm9n2sfJhIqwkLjdFgpxY1mMAWbmDrcJBYq34T2GlvHsqvqqLta8dIlLERvriEd0meEHo0FoKAj4N4YYAu0kX_zdE2M8rw_g5LU8EgzFJtiDnlf7G36g5B0NJej_UWZ0Hwq-NW262u5LQWIWA4yb95ftg3ol-nmzJYjqPu4co2GFmq3Aoa8kLDqS13ykcguwqdGSer2pL6cJIalzroEvglYaVtop-rN3PH8

Requested by

Host: 33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
URL: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 VolvoNovum-Medium.woff2
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 4284 38 KB
38 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3630430972408758272/VolvoNovum-Medium.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:52:42 GMT
x-content-type-options: nosniff
age: 8031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39068
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Feb 2023 13:52:42 GMT

GET
H3 200 Volvo_Black.png
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 4284 5 KB
5 KB 49ms
48ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630430972408758272/Volvo_Black.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:52:42 GMT
x-content-type-options: nosniff
age: 8031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4824
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Feb 2023 13:52:42 GMT

GET
H3 200 Flash.png
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 4284 3 KB
3 KB 48ms
47ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630430972408758272/Flash.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baea5caffda9109fe3fe251376d60a25ea43c846fa7bb8dc4b15da44a78c6760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:52:42 GMT
x-content-type-options: nosniff
age: 8031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3431
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Feb 2023 13:52:42 GMT

GET
H3 200 Floor_extend2.png
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 4284 56 KB
56 KB 50ms
49ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630430972408758272/Floor_extend2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f93264606087b4c1dd4e0bb8bf2ed92549c53fe8b5f095d214c4e72a765f5482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:52:42 GMT
x-content-type-options: nosniff
age: 8031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57259
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Feb 2023 13:52:42 GMT

GET
H3 200 Spritesheet_XC40_MY23_4.jpg
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 4284 783 KB
783 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630430972408758272/Spritesheet_XC40_MY23_4.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a082bfd96630ab857ec08e4e0055175aae987aea275d450f048ec3fee5de5383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 23:34:13 GMT
x-content-type-options: nosniff
age: 59540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 801309
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Feb 2023 23:34:13 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CD49 0
23 B 71ms
48ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPc31f-ahk7q4y1MwlcE4djDbqYxRTc3OmfWZJz3JqGRPmO8ib8TMEQbk0hG_katVt7ONB-wObqqrGCSl4oHOjEMxXgkjF4NiQa43ctVaDcpjPxbdgsVq46kSZl55C9ZuEGJ6huKEkJjNN-2FKltajHeu8zeL9p68SfVMlpOUA8W9hWkO5cM_9e4bR0aZlw7vdC-hGF8jAH1OHAD-9x2AvJrRpXakSrov9X-8iuddlupEbXVIjyS28gkGLn-OztNZZtV3BhD82UF8UEXE9WgAip1HT4imBnIJu8MVrrWeP_Kciwnu5xEveSYm4VCNVGpChMhIphgKgMtc-RzFulopu9CLzm0lsPNGUhKiu0dDWWJK4G2AvCAKEHO8QMPagcDLLZa8ZjURsDJjLveR9xw9wj29-vXBm1zvSEQT1EmfLfF8f-gXMbHxj-ACu8YzuHwJLqo0OUwhmzojEvE1Vi0P8IBLMdUlyDwSc0q1JV1pHsYxOtmZVYNtSWyRa5uM-3CdaBCEjeLAIzEglHYh97PpOwyoIvHikQHaOXKUahaMy6-JHGePPUs_82kN1PR4XaY-EtWzFognu0GgHABCg8PpsnEwtmAtPgd1P6jnLqAbJuE3n_z7Ky4Y-Xdr9fkTlrJmBSa-KHQ5eiTCmZSkk1wY_PhcP-NuURL9xML4xEfPf1Y29LwN85dcd8ptOr7wuTCQ3XVO7Gb0AX1AvtczwAzaBtLzUjW5TbIok6ZUHWB0fv8JD7khpr6ZmfxmJRZV8jDYraUrSF1Fusvb_E-buPRU8eUQn0OltKHXDrZwXgHx4wL8Cmeyit4u9Y31OJDTqtjE__FVGRqHj3qDxj-6Rb9U67MGoDVM6kZn6XQlVIxOOPQMyIXCVOPOcyQ-nLX7C-SEzUeIoV1z8-W7k9b-TGcbf2u3RTh89dlZkFbPe0DBVyXakUDAkrFsKOnvGER2JPiTS7lDWb3a8zRSZWi4y972ttbwyJzs-sos1ZYoqewFoxqPH0PDiDRgXflzViY0_uEaYUq7sOMp6IbA7uTZYXAbqDCxsX8_xgk48r8WDI2lb4aS-eA6-GixBaMradokID9KMsdTb3V_-wruTSJRk78rzYYI7uhp_te60uFws9UEje0M3S0NddvMlboMOGBS8bcStk2Wdm7eZss3LkS4tcQyntGiOtBHOksweOuPF9diQd0wELYW0jD_VC3Sb84xqOGexb1U4lilrS9JevOV64QTNOvPk5CpRHuBDvg&sai=AMfl-YSH2lO3b2z7IhpAcvxj9WaBA2KTVX_t5Rhar2yWU__AI3wb4Kme61i3M0snCPA540CsR4evWA59eIoDOf8lLVRnzmEKhJhNn_FHccKuHD5_BfEIZN1WFOkNYucvAJwR3AI9pdnPzZJZ5hBqxtSg-e1xXRvSFw&sig=Cg0ArKJSzOB45k3ur4SfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=621&vt=11&dtpt=369&dett=3&cstd=249&cisv=r20220209.54588&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.wxyz.com
URL: https://www.wxyz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 16:06:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CD49 42 B
64 B 232ms
139ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4nyw4obGdipqMS7oWUOpkv-B_HrpHRDGUX8Y9ICMW06Jue9_2LfEgCy0ymAEt-ptGwj1XxWbjHcOBVoARgTI2ZeeHU9pi1rL9kHHsAzvU4oYaZbPQwg&sai=AMfl-YQiEalRcgODJpkogHDaop5GLZVpFY6xwuHiswIIfKozZcIHHLN67gm42ZHRs-tx2cZJlZQEY5S5ZWS2yNAOMsT-5zF3jGzxKpilPVfWtLsNLyO3OtRcbdhx24E&sig=Cg0ArKJSzF9GFC_xBKL6EAE&cid=CAASEuRoBxoHL4MLWB5mzGCUujmOuA&id=lidar2&mcvt=1003&p=1106,436,1196,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=421683115&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644595592554&rpt=753&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

2000248.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 26F3
Redirect Chain

https://sync.serverbid.com/ss/2000248.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

4 KB
5 KB

186ms
30ms

Document
text/html

205.185.216.42

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 -, , ASN (),

Reverse DNS

Software

Resource Hash

d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/

Response headers

Date: Fri, 11 Feb 2022 16:06:37 GMT
Connection: Keep-Alive
Cache-Control: max-age=2338
Content-Length: 4376
Content-Type: text/html
Last-Modified: Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges: bytes
etag: "8ca299ba400101b6642362a2bceff771"
x-amz-request-id: tx000000000000026dde020-006205412f-d18d4c2-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 167
x-rgw-object-type: Normal
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1644595597.dop132.fr8.t,1644595597.cds261.fr8.shn,1644595597.dop132.fr8.t,1644595597.cds267.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control: no-cache

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 5962 0
91 B 89ms
83ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Fri, 11 Feb 2022 16:06:37 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

sync Show response
eb2.3lift.com/ Frame CFF4
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

43ms
43ms

Document
text/html

76.223.111.18

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e8ce569d817749f59cd47f750a647dc52577f85f7ca6fd2cbc6763f1b67afa3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/

Response headers

date: Fri, 11 Feb 2022 16:06:37 GMT
content-type: text/html; charset=utf-8
content-length: 458
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Fri, 11 Feb 2022 16:06:37 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 5254 0
0 552ms
169ms Document
text/plain 67.202.105.23

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d9YbK4Bymr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 -, , ASN (),
Reverse DNS
Software: 33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/

Response headers

x-33x-status: 2000208
server: 33XP002
date: Fri, 11 Feb 2022 16:06:36 GMT

GET
H2 200 usync.html Show response
eus.rubiconproject.com/ Frame 2851 281 B
410 B 89ms
76ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/

Response headers

server: Apache/2.2.15 (CentOS)
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
etag: "402b2-119-5d32342a551c0"
accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Fri, 11 Feb 2022 16:06:37 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5D16 52 KB
17 KB 506ms
72ms Document
text/html 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 11 Feb 2022 04:03:13 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 11 Feb 2022 16:06:37 GMT
Age: 43404
X-Served-By: cache-lga21943-LGA, cache-hhn4083-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 702665
X-Timer: S1644595598.516256,VS0,VE0
Vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 7F5A 0
0 550ms
169ms Document
text/plain 67.202.105.23

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d6EtcQBymr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 -, , ASN (),
Reverse DNS
Software: 33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/

Response headers

x-33x-status: 2000208
server: 33XP004
date: Fri, 11 Feb 2022 16:06:37 GMT

GET
H/1.1 200 9.gif
id5-sync.com/s/441/ 43 B
1009 B 576ms
56ms Image
image/gif 51.89.21.30

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=e_0e1f3ffb-34f1-40e9-82fd-2384f1c13282&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.30 -, , ASN (),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 16:06:36 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H/1.1 200 9.gif
id5-sync.com/s/441/ 43 B
1009 B 585ms
64ms Image
image/gif 51.89.21.30

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=e_d5f21ea5-db38-4f2f-9ae6-6f6ac5f6ae4e&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.30 -, , ASN (),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wxyz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 16:06:36 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 2851 32 KB
10 KB 70ms
70ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 778cf0be0395f481130a6c102485a1dceb520d7b56b5cdac1f82f06b0ecf2011

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:37 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 23:04:08 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=79091
content-type: text/html; charset=UTF-8
content-length: 9705
expires: Sat, 12 Feb 2022 14:04:48 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5D16 0
729 B 65ms
65ms Script
text/html 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:37 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 925fb760-2993-4160-b2fc-bd537b49b59c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 2851 70 B
265 B 191ms
45ms Image
image/gif 15.197.193.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2851
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELo6hJ79EtOvbNnpAghknVk&google_cver=1

0
239 B

120ms
25ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELo6hJ79EtOvbNnpAghknVk&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELo6hJ79EtOvbNnpAghknVk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2851
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=951e6206-898d-4700-bdbf-c847d066ea98

0
239 B

52ms
23ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=951e6206-898d-4700-bdbf-c847d066ea98
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Date: Fri, 11 Feb 2022 16:06:37 GMT
Server: MT3 4133 baa842e master cdg-pixel-x30 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=951e6206-898d-4700-bdbf-c847d066ea98
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 11 Feb 2022 16:06:36 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 2851
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZILR44S-8-MAGK&sigv=1&esig=2~48f5d65f5e948708bb174eb136906fc176c791f3

0
194 B

124ms
40ms

Image
text/plain

2a00:1288:80:800::7000

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZILR44S-8-MAGK&sigv=1&esig=2~48f5d65f5e948708bb174eb136906fc176c791f3

Protocol

Server

2a00:1288:80:800::7000 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:37 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZILR44S-8-MAGK&sigv=1&esig=2~48f5d65f5e948708bb174eb136906fc176c791f3
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2851
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/uJJotu0YAqtzGG_bPZXNpw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7265893088205772743

0
239 B

24ms
23ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7265893088205772743
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

date: Fri, 11 Feb 2022 16:06:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7265893088205772743
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2851
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YgaJjQAFZEFxewAy
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgaJjQAFZEFxewAy&_test=YgaJjQAFZEFxewAy

0
239 B

22ms
21ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgaJjQAFZEFxewAy&_test=YgaJjQAFZEFxewAy
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:37 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644595598.841462,VS0,VE0
x-served-by: cache-hhn4046-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgaJjQAFZEFxewAy&_test=YgaJjQAFZEFxewAy
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2851
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pJTFI0NFMtOC1NQUdL

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pJTFI0NFMtOC1NQUdL

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pJTFI0NFMtOC1NQUdL
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 2851 0
0 130ms
39ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CFF4 70 B
264 B 128ms
53ms Image
image/gif 15.197.193.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

404

xuidmid=7976&xuid=wOL_seN4M&dongle=u6nf
eb2.3lift.com/ Frame CFF4
Redirect Chain

https://ad.mrtnsvr.com/sync/triplelift
https://eb2.3lift.com/xuidmid=7976&xuid=wOL_seN4M&dongle=u6nf

37 B
155 B

21ms
21ms

Image
image/gif

76.223.111.18

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuidmid=7976&xuid=wOL_seN4M&dongle=u6nf
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:37 GMT
cache-control: no-cache, no-store, must-revalidate
x-error: Not Found
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuidmid=7976&xuid=wOL_seN4M&dongle=u6nf
date: Fri, 11 Feb 2022 16:06:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92
vary: Origin
content-type: text/html; charset=utf-8

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame CFF4 170 B
188 B 57ms
56ms Image
image/png 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFF4
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgxMjQyNjY2MTY3NjM5MzE3NjczOA%3D%3D

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgxMjQyNjY2MTY3NjM5MzE3NjczOA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgxMjQyNjY2MTY3NjM5MzE3NjczOA%3D%3D
date: Fri, 11 Feb 2022 16:06:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame CFF4 0
703 B 213ms
144ms Image
text/plain 2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2812426661676393176738&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:36 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1C8672BA391D48139EF001D830F3772A Ref B: FRAEDGE1320 Ref C: 2022-02-11T16:06:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXXwEBoK0cAD9Npfaktww==

GET
H2

200

xuid
eb2.3lift.com/ Frame CFF4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/2812426661676393176738?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-jBYf4F5E2oTj9gUdjYvnHxpJudlASDCoWQ0g4KWIHg--~A&dongle=0883

37 B
354 B

24ms
24ms

Image
image/gif

76.223.111.18

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-jBYf4F5E2oTj9gUdjYvnHxpJudlASDCoWQ0g4KWIHg--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Fri, 11 Feb 2022 16:06:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-jBYf4F5E2oTj9gUdjYvnHxpJudlASDCoWQ0g4KWIHg--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 200 c.gif
c.bing.com/ Frame CFF4 42 B
592 B 141ms
41ms Image
image/gif 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=2812426661676393176738&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:37 GMT
etag: "9ea1ae3587d81:0"
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 67BE8D37AD98441B81A73A6C2D77461E Ref B: FRAEDGE1313 Ref C: 2022-02-11T16:06:37Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame CFF4
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2812426661676393176738
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2812426661676393176738&dcc=t

0
0

135ms
135ms

Image
text/html

52.46.154.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2812426661676393176738&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 52.46.154.242 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:37 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 70V798XND5V7PP4E3TJV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2812426661676393176738&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame CFF4 43 B
220 B 109ms
19ms Image
image/gif 18.194.224.200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=2812426661676393176738&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.224.200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 16:06:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame CFF4
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

52ms
52ms

Image
image/gif

76.223.111.18

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 43D1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
410 B

21ms
21ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

server: Apache/2.2.15 (CentOS)
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
etag: "402b2-119-5d32342a551c0"
accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Fri, 11 Feb 2022 16:06:37 GMT
vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
date: Fri, 11 Feb 2022 16:06:37 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3B9B 15 KB
6 KB 102ms
30ms Document
text/html 2.18.233.180

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=52494
expires: Sat, 12 Feb 2022 06:41:31 GMT
date: Fri, 11 Feb 2022 16:06:37 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 53F8 995 B
1 KB 21ms
19ms Document
text/html 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 11 Feb 2022 16:06:37 GMT
Age: 24316931
X-Served-By: cache-lga21980-LGA, cache-hhn4083-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 194520, 163573
X-Timer: S1644595598.799933,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 26F3 43 B
351 B 89ms
32ms Image
image/gif 35.227.252.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:36 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 3sepgr2lbbfgvs25anq86nuufba3afvk

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 26F3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7111439794840596585

0
44 B

114ms
114ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7111439794840596585
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:37 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:37 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d08267b5-d166-4b55-ab89-ae155c598bc2
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7111439794840596585
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 26F3
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP979f83e1-8b54-11ec-8b7a-02b27134b580
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP979f83e1-8b54-11ec-8b7a-02b27134b580

0
44 B

128ms
127ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP979f83e1-8b54-11ec-8b7a-02b27134b580
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:37 GMT
content-length: 0

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP979f83e1-8b54-11ec-8b7a-02b27134b580
date: Fri, 11 Feb 2022 16:06:38 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 26F3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YgaJichptJx6.-zV-ky1pgAA%261105

0
44 B

109ms
109ms

Image
text/plain

165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YgaJichptJx6.-zV-ky1pgAA%261105
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:37 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YgaJichptJx6.-zV-ky1pgAA%261105
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Fri, 11 Feb 2022 16:06:37 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 26F3 0
277 B 93ms
28ms Image
text/plain 72.251.249.9

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 16:06:37 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET usa
sync.go.sonobi.com/ Frame 26F3 0
0

GET
H2

403

ue1-sb1-e22f9239-15da-49ab-bc10-9cd817694288
p.adsymptotic.com/d/px/ Frame 26F3
Redirect Chain

https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.9632533500153251%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
https://p.adsymptotic.com/d/px/ue1-sb1-e22f9239-15da-49ab-bc10-9cd817694288

0
0

118ms
38ms

Image
text/html

104.18.99.194

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/ue1-sb1-e22f9239-15da-49ab-bc10-9cd817694288
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Server: 104.18.99.194 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

location: https://p.adsymptotic.com/d/px/ue1-sb1-e22f9239-15da-49ab-bc10-9cd817694288
cache-control: no-cache
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 53F8 0
729 B 88ms
28ms Script
text/html 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:37 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9ed77318-744a-47a4-860e-091d5fe743f6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 43D1 32 KB
10 KB 25ms
24ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 778cf0be0395f481130a6c102485a1dceb520d7b56b5cdac1f82f06b0ecf2011

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:37 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 23:04:08 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=79091
content-type: text/html; charset=UTF-8
content-length: 9705
expires: Sat, 12 Feb 2022 14:04:48 GMT

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 43D1 0
0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3B9B 5 KB
6 KB 96ms
27ms Script
text/html 198.47.127.19

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60446342&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ae58de8f5a55b24c6740a8c57f8290aa9a9989d2dffa5e2ecb37a751d0b057c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:35 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 818B 35 B
468 B 33ms
33ms Document
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=785289FF-4DC7-4F0D-A2D4-3D0A4682189A

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 11 Feb 2022 16:06:38 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 4B35
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:951e6206-898d-4700-bdbf-c847d066ea98&gdpr=0&gdpr_consent=

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 03ED
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2183734418379314449

0
0

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 97E0 43 B
362 B 144ms
49ms Document
image/gif 178.250.2.151

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 11 Feb 2022 16:06:37 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Fri, 11 Feb 2022 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 657286
strict-transport-security: max-age=31536000; preload;

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 79FB
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7063484308557199505

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame FCFE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgaJjQAFZEFxewAy&gdpr=0&gdpr_consent=

0
0

GET sync
sync.srv.stackadapt.com/ Frame 1560 0
0

GET

pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 3858
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 6097
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
0

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 1CC2 0
0 144ms
51ms Document
text/plain 162.55.120.196

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx/1.21.3
Date: Fri, 11 Feb 2022 16:06:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000

GET i.match
a.tribalfusion.com/ Frame 6A5F 0
0

GET
H/1.1 200
OK cookiesync
core.iprom.net/ Frame 81C3 43 B
281 B 270ms
74ms Document
image/gif 195.5.165.20

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Vary: Accept-Encoding
X-adserver-worker: ragnarok-124aca7c1e2e@version_1.369v2
Connection: close
X-server-arch: v2
Content-Type: image/gif
Content-Length: 43
X-core-time: 0ms
Date: Fri, 11 Feb 2022 16:06:38 GMT

GET
H2 404 dpe
ad4m.at/ad/ Frame 5404 15 B
877 B 280ms
123ms Document
text/plain 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 11 Feb 2022 16:06:38 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6dbed358aa780e12-MXP

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 0D52
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rBbFHYbiC4U6mQ5hhwV4YTjG

42 B
216 B

56ms
45ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rBbFHYbiC4U6mQ5hhwV4YTjG
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 11 Feb 2022 16:06:36 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug016:0:523
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Fri, 11 Feb 2022 16:06:38 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rBbFHYbiC4U6mQ5hhwV4YTjG
strict-transport-security: max-age=0; includeSubDomains;

GET

f4d6283b-b80b-419b-97e5-a7becc9fb8c5
sync.1rx.io/usersync/tradedesk/ Frame 5705
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1644595598140
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8821062739
https://sync.1rx.io/usersync/tradedesk/f4d6283b-b80b-419b-97e5-a7becc9fb8c5

0
0

GET bridge
cm.adgrx.com/ Frame 25E1 0
0

GET
H2 200 i.gif Show response
e.serverbid.com/udb/9969/sync/ Frame 99B4 0
44 B 133ms
127ms Document
text/plain 165.227.252.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=785289FF-4DC7-4F0D-A2D4-3D0A4682189A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Fri, 11 Feb 2022 16:06:37 GMT

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3B9B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eFKJ_03HTw2i1D0KRoIYmg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

54ms
54ms

Image
text/html

2.18.233.180

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 2.18.233.180 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:38 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=52493
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Sat, 12 Feb 2022 06:41:31 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

SPug
image4.pubmatic.com/AdServer/ Frame 3B9B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=951e6206-898d-4700-bdbf-c847d066ea98

0
0

GET

tp=CLOD
sync.crwdcntrl.net/map/c=8587/ Frame 3B9B
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=785289FF-4DC7-4F0D-A2D4-3D0A4682189A
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3B9B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzg1Mjg5RkYtNERDNy00RjBELUEyRDQtM0QwQTQ2ODIxODlB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

141ms
45ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:37 GMT
cache-control: no-store, no-cache, private
x-lat: amspug020:0:313
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3B9B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMli4k7vustTUQu62slOGlg&google_cver=1

42 B
438 B

141ms
46ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMli4k7vustTUQu62slOGlg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 11:24:34 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0028:0:455
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMli4k7vustTUQu62slOGlg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 3B9B 43 B
612 B 189ms
54ms Image
image/gif 169.50.137.184

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 10 Feb 2022 16:06:38 GMT

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 3B9B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1144741481059535339

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 3B9B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f4d6283b-b80b-419b-97e5-a7becc9fb8c5

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3B9B
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7111439794840596585&gdpr=0&gdpr_consent=

42 B
234 B

55ms
55ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7111439794840596585&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:36 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:459
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 16:06:38 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1e016a33-8477-4de4-a66d-faea900c0bb3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7111439794840596585&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3B9B
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VIRZiFqPUYlPj1vdUoZE31CED49PjwyKVoCQoQ1N

42 B
626 B

173ms
44ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VIRZiFqPUYlPj1vdUoZE31CED49PjwyKVoCQoQ1N
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:36 GMT
cache-control: no-store, no-cache, private
x-lat: amspug017:0:434
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VIRZiFqPUYlPj1vdUoZE31CED49PjwyKVoCQoQ1N
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 785289FF-4DC7-4F0D-A2D4-3D0A4682189A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3B9B 43 B
988 B 70ms
65ms Image
image/gif 2a05:d018:d29:3601:b73:5e1d:a8b6:5551

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/785289FF-4DC7-4F0D-A2D4-3D0A4682189A?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:b73:5e1d:a8b6:5551 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:38 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET

SPug
image4.pubmatic.com/AdServer/ Frame 3B9B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=785289FF-4DC7-4F0D-A2D4-3D0A4682189A&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4hKSvu1E2uVJHxc80tx0E7hAK.aZ9yA-~A&gdpr=0&gdpr_consent=

0
0

GET

sync
odr.mookie1.com/t/v2/ Frame 3B9B
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=098cf55b-3b5e-4871-ad67-90752b33669b&ssp=pubmatic&gdpr=0&gdpr_consent=

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 3B9B
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3092879072035206203&gdpr=0&gdpr_consent=&us_privacy=

0
0

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame 3B9B 0
0

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame 3B9B 0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3B9B
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
360 B

155ms
45ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:06:37 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:301
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 16:06:37 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET apn
ads.playground.xyz/usersync/ Frame 3B9B 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?qoSgFg

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEERyio_y863PwmV1cLXAA0c&google_cver=1&google_push=AYg5qPJY1CGXrXNU_h4J6hP1hapP-UgNEMwQkpEHeWxymqGRRYaCY-_f-tYy4TI0NDBhiXSJUg5OPxTOmx2IrsJoXNGGCtB3-A

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Domain: pixel-us-east.rubiconproject.com
URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632&khaos=KZILR44S-8-MAGK

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:951e6206-898d-4700-bdbf-c847d066ea98&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2183734418379314449

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7063484308557199505

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgaJjQAFZEFxewAy&gdpr=0&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync/tradedesk/f4d6283b-b80b-419b-97e5-a7becc9fb8c5

Domain: cm.adgrx.com
URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=

Domain: image4.pubmatic.com
URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=951e6206-898d-4700-bdbf-c847d066ea98

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1144741481059535339

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f4d6283b-b80b-419b-97e5-a7becc9fb8c5

Domain: image4.pubmatic.com
URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4hKSvu1E2uVJHxc80tx0E7hAK.aZ9yA-~A&gdpr=0&gdpr_consent=

Domain: odr.mookie1.com
URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=098cf55b-3b5e-4871-ad67-90752b33669b&ssp=pubmatic&gdpr=0&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3092879072035206203&gdpr=0&gdpr_consent=&us_privacy=

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=785289FF-4DC7-4F0D-A2D4-3D0A4682189A&gdpr=0&gdpr_consent=

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: ads.playground.xyz
URL: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wxyz.com/	1970-01-20 02:59:31	Name: _gcl_au Value: 1.1.1122585686.1644595590
www.wxyz.com/	1969-12-31 23:59:59	Name: mnet_session_depth Value: 1%7C1644595590904
.wxyz.com/	1970-01-20 00:51:21	Name: _gid Value: GA1.2.1182487701.1644595591
.wxyz.com/	1970-01-20 18:21:07	Name: _ga_VR1EJSK21G Value: GS1.1.1644595590.1.0.1644595590.60
.scorecardresearch.com/	1970-01-20 18:06:43	Name: UID Value: 1F36d546b69f4a7bceadf5b1644595591
.wxyz.com/	1970-01-20 02:59:31	Name: _fbp Value: fb.1.1644595591324.1809869769
.wxyz.com/	1970-01-20 00:49:57	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.wxyz.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1644595591381%2C%22slts%22:0}
.wxyz.com/	1970-01-20 10:19:19	Name: _parsely_visitor Value: {%22id%22:%22pid=bb71a77ff04fa4427574dbc1239e5933%22%2C%22session_count%22:1%2C%22last_session_ts%22:1644595591381}
.wxyz.com/	1970-01-20 00:49:55	Name: _gat_ScrippsEnterprise Value: 1
.wxyz.com/	1970-01-20 18:21:07	Name: _ga Value: GA1.2.721668734.1644595591
.wxyz.com/	1970-01-20 00:49:55	Name: _gat Value: 1
.pymx5.com/	1970-01-20 05:09:07	Name: _ia_uid Value: eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.CpIaSuiX9brMrA5HzsdMnYKUOEkCL5YFP0vZ5Zgl1VN9jXZx4NXrNg.qk5175lZ9YNs9rj7.clcwQOO8Vdf21TeCrRLBEJfXVC8vJMsq0oPkhEiIkJtRo95VOae7ICTlsS6hQcWjYhpLZaF7v0X5uMSjK9pb_kGzKYI6OUdX08amhG4SRmmbJPnySyEtOQ5747AlGSgNr4gomYoWTE9OowXc4hnTzSM3v7OiDIo5xPBpbOT5lW6Fi0iaGmOP0QvD5V5SVTGEut2dRP2OyAqCZUb7KPwG0cT2iuqf2IEDyXOTZ5sBDlBppfu_hApLM1u_0TRKoNwDDgaWf_aQqZwW_eMotu-8NTlPYcO4JPkj4iHgbWHIDUSunXbo_CY1LFj0XWKYQDmQIqsjIVjwum2nl5TeJa1rNPGf-K4a-F3-VWSzPm2GTxY.Di3hwo5HZByBiSObYk64XA
.pymx5.com/	1970-01-20 05:09:07	Name: _ia_version Value: 2
.quantserve.com/	1970-01-20 10:20:09	Name: mc Value: 62068987-92c00-a22f1-9e446
.wxyz.com/	1970-01-20 10:14:24	Name: __qca Value: P0-1924386197-1644595591583
.facebook.com/	1970-01-20 02:59:31	Name: fr Value: 0Gn7kDlPU0BuK8h5p..BiBomH...1.0.BiBomH.
.gumgum.com/	1970-01-20 09:35:31	Name: cs Value: true
.gumgum.com/	1970-01-20 01:33:07	Name: loc Value: SfolTs1ZIlPt4unIug7NGHTHprMos3ZuqTBxlXamrm-DLEfuWxE5ngEX7RFPf0ICryGo0tYTzsjZLCzzxDzpl5Tjkz6rKz9X
.gumgum.com/	1970-01-20 09:35:31	Name: vst Value: e_0e1f3ffb-34f1-40e9-82fd-2384f1c13282
e.serverbid.com/	1970-01-20 09:35:31	Name: azk Value: ue1-sb1-e22f9239-15da-49ab-bc10-9cd817694288
.rubiconproject.com/	1970-01-20 09:35:31	Name: khaos Value: KZILR44S-8-MAGK
.rubiconproject.com/	1970-01-20 09:35:31	Name: audit Value: 1\|naVuGyos1qqzGND01LDPukHau3iET1N0BmQvWiFCZkJ2wHsFnqwQFMCE6fuRDvOom25SowDE9qrAUJ+gL7gixeHbnTBSoDZXsqlSNZOaaDQ=
.doubleclick.net/	1970-01-20 10:11:31	Name: IDE Value: AHWqTUl8T_qFMfut8tiom4dkBMgpV-NmqeX4sMq6velGWhYgQWeZq6ImgJKiudGK1Es
.wxyz.com/	1970-01-20 10:11:31	Name: __gads Value: ID=533898f4ea9e8ed8:T=1644595592:S=ALNI_MY4gyKCsHABlsYYa_1brfQvhwEqbA
.casalemedia.com/	1970-01-20 02:59:31	Name: CMPS Value: 5199
.blismedia.com/	1970-01-20 09:35:35	Name: b Value: 62068989DD85D081AACE46D1BLIS
.casalemedia.com/	1970-01-20 00:51:21	Name: CMST Value: YgaJiWIGiYkA
.casalemedia.com/	1970-01-20 09:35:31	Name: CMID Value: YgaJichptJx6.-zV-ky1pgAA
.casalemedia.com/	1970-01-20 02:59:31	Name: CMPRO Value: 1105
.adform.net/	1970-01-20 01:30:14	Name: C Value: 1
.adform.net/	1970-01-20 02:16:19	Name: uid Value: 1144741481059535339
.casalemedia.com/	1970-01-20 09:35:31	Name: CMRUM3 Value: 2d620689892760CAESEIFkwz8NDYrAcreyjBlvUTQ
.adnxs.com/	1970-01-20 02:59:31	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Oku5j!]tbPl1M>e)ZlrFUfJ+tGXxo][G=DaKJm.6`wN.5A'KjaL'vFN]%Kp2AZOJ8bpRzqF1`b]nn)bO+r
.adnxs.com/	1970-01-20 02:59:31	Name: uuid2 Value: 7111439794840596585
.ctnsnet.com/	1970-01-20 09:35:31	Name: cid_9f92d36a62e14d9fb18cb4dc56a290b7 Value: 1

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-R48P(Line 40) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-R48P(Line 40) Message: Unrecognized feature: 'conversion-measurement'.
network	error	URL: https://cdn.cookielaw.org/consent/000000/000000.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://encouragingvase.com/00000 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEFQ785hXhn3Zuw-dZ2kK7pY&google_cver=1&google_push=AYg5qPLWUXh3gE-385KN_PhHwjM1Scrs2lA599sGboH5PA7BOMjJiWSuwjBVAFQ0423d7wa6dkbzBYNc0AfuLtvRWW3fXSk76RU Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://eb2.3lift.com/xuidmid=7976&xuid=wOL_seN4M&dongle=u6nf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://p.adsymptotic.com/d/px/ue1-sb1-e22f9239-15da-49ab-bc10-9cd817694288 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4hKSvu1E2uVJHxc80tx0E7hAK.aZ9yA-~A&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33c1d505435fa271922dd80f669878db.safeframe.googlesyndication.com
4394967.fls.doubleclick.net
a.tribalfusion.com
acdn.adnxs.com
ad.mrtnsvr.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analytics.google.com
analyticssystems.net
ap.lijit.com
api.ewscloud.com
api.pymx5.com
assets.scrippsdigital.com
b1sync.zemanta.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.cookielaw.org
cdn.parsely.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
core.iprom.net
d3plfjw9uod7ab.cloudfront.net
dis.criteo.com
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
encouragingvase.com
eus.rubiconproject.com
ewscripps-d.openx.net
ewscripps.brightspotcdn.com
fastlane.rubiconproject.com
g2.gumgum.com
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
hblg.media.net
hbx.media.net
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
odr.mookie1.com
p.adsymptotic.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
pymx5.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servedbyadbutler.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.ewscloud.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adaptv.advertising.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.serverbid.com
sync.srv.stackadapt.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
use.typekit.net
videoads.ewscloud.com
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.wxyz.com
wxyz.com
x.bidswitch.net
a.tribalfusion.com
ads.playground.xyz
cm.adgrx.com
google2waycm.netmng.com
image2.pubmatic.com
image4.pubmatic.com
match.adsby.bidtheatre.com
match.prod.bidr.io
odr.mookie1.com
pixel-us-east.rubiconproject.com
pubmatic-match.dotomi.com
simage2.pubmatic.com
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.srv.stackadapt.com
tpc.googlesyndication.com
104.107.160.24
104.18.99.194
13.32.121.95
13.32.99.21
142.250.185.130
142.250.185.230
142.250.186.130
142.250.186.98
15.197.193.217
151.101.1.108
151.101.194.49
162.55.120.196
165.227.252.242
167.172.1.14
169.50.137.184
178.250.2.151
18.156.195.47
18.185.214.32
18.194.224.200
18.196.139.111
18.202.206.42
18.66.100.58
18.66.109.174
18.66.112.109
18.66.112.97
18.66.122.58
18.66.139.122
185.29.134.244
185.33.220.241
185.64.189.110
188.165.137.78
195.5.165.20
198.47.127.19
2.18.233.180
2.18.234.21
205.185.216.42
23.37.42.132
2600:9000:223c:5000:6:44e3:f8c0:93a1
2600:9000:223e:ac00:13:a391:88c0:21
2600:9000:2240:3c00:10:618e:d880:93a1
2602:803:c003:200::21
2606:4700:20::ac43:4a81
2606:4700:3030::6815:251b
2606:4700:3037::6815:4e07
2606:4700::6810:9540
2620:116:800d:21:ee05:6a01:4b41:8c89
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::2006
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2004
2a00:1450:400c:c03::9a
2a02:fa8:8806:20::2100
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:5f80:a::b212:e7c0
2a03:5f80:a::b212:e7d1
2a05:d018:d29:3601:b73:5e1d:a8b6:5551
3.126.56.137
34.102.163.6
34.149.20.76
34.96.105.8
34.96.74.203
34.98.64.218
35.186.193.173
35.190.74.157
35.227.203.93
35.227.252.103
35.244.174.68
37.157.4.40
51.89.21.30
52.222.214.97
52.28.154.195
52.46.154.242
54.144.144.142
54.156.164.26
64.74.236.127
66.155.71.150
66.155.71.25
67.202.105.23
69.173.144.138
69.173.144.165
72.251.249.9
76.223.111.18
78.159.97.6
005589a1d1f39cc5a92452f5c381b0cc0c51fbdb924fa337bd5080466e8848f7
0163325bcce85a4929a762f1a4d0825a9b8e800a0d6aec3ff8947ff7c4e2f299
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
054243219d1435d1d87fc4a0e668b32bf3eb956dee935b51bb7c42950d729463
0575415522a73899d6d44365c1b52d32ba6d404585e3ba553e30eeeca93132db
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d235ad890492000475aec5aaa43697039a0d6b9860909bc5217ba7b50b50d63
0d6b23ea45a4b63191d9f54bfd08310fda8b46b71c37175fcc373c8e2a1d7b88
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e1a63c61b7bad66cde2c612847f9e611beb32004e6baf104963fb3924f906c
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ae58de8f5a55b24c6740a8c57f8290aa9a9989d2dffa5e2ecb37a751d0b057c
1b29295e6a99520af2b7ea35ba09c91c93d00e85983db46c3e81d4839dd395c1
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
22af1f820f089b880060fa7caab3962749e9e296a2baff4ce8948118bc8b3032
2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29c74708cc7b3cb6d5ef57377e2145055a1c171c3787c63e82b0651a346d31e1
2b6c5c61d31d9a294660a1999928903900aadb1eda143065f81b59e3c4770cfe
2e458cdd5ca41bd13ad7a3fbc0a3339f62da92ab89a9c0b3059b27dc808f245a
339e03bed3dd4b55e81eaa35c0aca8726c147d68b9f76080b4d94d78c4c34d39
3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8
3cba1ddcab8a7a99cb45b1c4d5dfe4ea14aeba44ef8d032a797c687f6220287a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
406dae81a8e95037a3bca53ca771f446df097cf86084d76de62fd308e2bf32a5
44f8df585c00989ebcd87d33a7ee4a71f3ea2492a1cdcb59099e91884932e28c
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee5245a1b29590ed2d8b3c684abeefc085ea744a0b59f5442eb4e74a1b43d48
50182182afc974ed88a0d8a1c1772881cb6409bd26270ca2d1c104151aa0f800
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54043aec94a8eb89b42fd11b81e743bf7153d4704578d4e614ffd43ff8dda626
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59cecdcb671cb5027bc86c50d79c534d3258e6213b2e5d01deb5a257f39b3a76
5baa557750c0dc3d1c36b5abf69a46136140e1b498108c5a807daa6e093b3dff
5df12841c6715824a34b4231cd3da7eaf29d04ea34a7b807098892cc95b2da65
5e8ce569d817749f59cd47f750a647dc52577f85f7ca6fd2cbc6763f1b67afa3
6115e3a898ad9f379c5ef14408339a6ee87f09fa3e1bd54c66a914d156021ce0
6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
62e9716cc4c478347347188866b4ce050141e3cf8c061ce8317a8cd0b3f3c7b5
63ba928e89694c180ffcbdf55a3932a5b5c67106f5068ab327aa94e2b4f6873d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf45589e49e24e1c2c7ecd649592b0c0bc969f9440a70d71dcd45da74c64119
6e07709c33930d50fcb07a46a296359c64c4aae538b3629fb290589362f182ad
778cf0be0395f481130a6c102485a1dceb520d7b56b5cdac1f82f06b0ecf2011
7802406f59d4f328009e62255b00d44136538f7aaf0c4ae79ecf60f719b8f237
7837a92dd3b201ac34b025ab57dd0c145bfac32243e95ad5d76528f568b3ab9f
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
794d7be20c2551aa00dce3822b3f38c8e8efc7cd0a86dae7c8f45a62b82535d5
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae
7bad7c3b3f116ae59297912b997e7a18d2bd60e4a24eb0d462002c0b777eb504
7eb4f1e21dee1cae9e03b97e51e2929a146e95ca1c82f3c314d9ed4645f01dc0
80c09a1e2d901cfff75823e1f864eff75b2bdc6fad4d20fa8e7c13e74a559692
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
873d2ad31b07d3f195ff0f4b68730a06e80232b854525bb35d0a469c4514afe8
893408524c726d086c14032cd5cc2099f34fad56df521df5252ae92d805ddec9
8b298de2d29cc83cb5b22914f7e724c94252724602c0a9f313f301b4ba059cff
8d52965491f525042696253c25b525954d221bef41ab1caf33f2000724a17de2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ff0a8aa2368a2498e0744d8f4439fca8aa7394c7356c404911773826af2a435
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96fe26b367fd26cef67f5a9bf16e5ae7337f36bd142a0206b72a773f876addf5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a082bfd96630ab857ec08e4e0055175aae987aea275d450f048ec3fee5de5383
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3af54f50cf210dee579bf544bd6029b5688e7af8557fb03b3d83a24bbd1928a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a519e51352eac9e357750fa571a7813a4ffea33c44e70bae60bd150a91bc2943
a5e7bdeec32432f86e9a8349a1c2e359270a67e6b3a2b99a4058e2a977ff16a8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7c0110c9ba6f4134e3904ba01dc35ba3fbc491381962da9327bfe92c2267f77
a81dff15f532f603b041e58c55385c065df8dc6669e5adcbed97e2dc69221435
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
adc8713b28f1422f937ad42965aa3cc3aadf189385c74cd03b39e7222004ef11
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b3f5bd87996c889a9fb219004806fe3a1252782771a6687bf3f83fa4e2e451b5
b691df67285b5dbec7dce4eac05d7e7be640f110492637d56a46614d752bdffb
b85a8522b694640eedc3984d83f84afb72c1cbc688c9602a4a676d05cbc854af
baea5caffda9109fe3fe251376d60a25ea43c846fa7bb8dc4b15da44a78c6760
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be0ff910cbe18da739b84946fc7781136e852ce786dfd4ddc31f2a82312394ce
c3acfb2457b1e815e013efba4650d288f41d26b8cfc4fb20f1efad84ea2b0014
c43e824422494053ca451474852915b24d7df1276fb6a42fdd71f4bc6636c1aa
c7d81aeb982c6ed5e169b39627b8014574447e899d3ec274dc56b40f1e81785f
cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26
ccfd1de92f095ee33f6d212821add438bee4a30091b15e90df17599d9d1e7836
cd3699476d188453684876ad11b8813508e578f49a02f4639fed3b3ce8a74a58
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d14b002fff2f922f5ed84f30a59af2f86d8e65b926d0af5dcefaa1a78a37cede
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
d63fa770adfd344ffffd30e315719e539d341a6f71d0d6ad6a5c312a85e95fed
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
da4a85b624e7a71b4aa3827935dae699f7e8769e172ce18dc1ec395967863fbd
dabfd75821c856511b69cc96ff7bca909af16a80e963244b15731c4ef98a082b
e060bee9180a214894253c97e6a1651cdd34a9d8980470b0b7c5cf89e1bde264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685
e695f937b9895029d54b8e47c9ad0b4154a3879db93ef6208275e2d002e98b60
e805744df6275c5ed9793ad33d1a2d5abef55b908203ab16f69e934c921cd64c
ead7b8cf34ce60ef79ff04c946d745581c3f0ae46a221600e997b129f4d1da33
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed2a7d1ea2ab128d9fdf26582706bac2b4976a96ef8695b8ede2ef4d98f1da05
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb
f93264606087b4c1dd4e0bb8bf2ed92549c53fe8b5f095d214c4e72a765f5482
fa29414ee6f22f1a9ee25ab842e2fc1626214be118ed63133075d18318bfdf2b
fd8592df9b6c8285b838a8b2ce653907b259a0286dc50a31b2c9585828a726cb
ff06035c5d58225dd58995f3accc5907de175d5fa77a72e2c63f891c900cd98e

www.wxyz.com Open in urlscan Pro 18.66.112.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

238 Requests

77 %HTTPS

33 %IPv6

74 Domains

118 Subdomains

85 IPs

9 Countries

8252 kBTransfer

12101 kBSize

35 Cookies

14 Outgoing links

Page URL History

Redirected requests

238 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.wxyz.com Open in urlscan Pro
18.66.112.109 Public Scan

Screenshot
Live screenshot

Full Image

238
Requests

77 %
HTTPS

33 %
IPv6

74
Domains

118
Subdomains

85
IPs

9
Countries

8252 kB
Transfer

12101 kB
Size

35
Cookies

238 HTTP transactions
3 data transactions