URL: https://975now.com/listen-live/
Submission: On December 23 via manual from US — Scanned from DE

Summary

This website contacted 115 IPs in 13 countries across 100 domains to perform 320 HTTP transactions. The main IP is 192.229.233.160, located in Saint Joseph, United States and belongs to EDGECAST, US. The main domain is 975now.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 30th 2022. Valid for: a year.
This is the only time 975now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 192.229.233.160 15133 (EDGECAST)
7 192.229.144.129 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.64.151.162 13335 (CLOUDFLAR...)
4 192.229.233.218 15133 (EDGECAST)
8 2a00:1450:400... 15169 (GOOGLE)
1 1 2a03:2880:f20... 32934 (FACEBOOK)
1 2 2a03:2880:f20... 32934 (FACEBOOK)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
3 104.87.141.138 16625 (AKAMAI-AS)
3 13.32.28.197 16509 (AMAZON-02)
4 93.184.220.66 15133 (EDGECAST)
4 2a03:2880:f00... 32934 (FACEBOOK)
2 151.101.193.44 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
22 44.197.136.214 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
8 15.197.193.217 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 7 172.64.154.237 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 99.84.88.80 16509 (AMAZON-02)
3 52.214.61.187 16509 (AMAZON-02)
2 99.86.4.2 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 104.244.42.136 13414 (TWITTER)
2 141.226.228.48 200478 (TABOOLA-AS)
4 104.96.149.237 16625 (AKAMAI-AS)
2 2001:4860:480... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f11... 32934 (FACEBOOK)
2 54.72.111.64 16509 (AMAZON-02)
5 159.89.246.130 14061 (DIGITALOC...)
3 2602:803:c004... 26667 (RUBICONPR...)
1 69.166.1.14 27630 (AS-XFERNET)
4 5 37.252.171.52 29990 (ASN-APPNEX)
2 184.30.21.51 16625 (AKAMAI-AS)
3 34.98.64.218 396982 (GOOGLE-CL...)
1 52.28.173.192 16509 (AMAZON-02)
1 185.64.190.77 62713 (AS-PUBMATIC)
1 18.66.97.14 16509 (AMAZON-02)
1 3.125.142.130 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
2 51.75.86.98 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 99.86.3.236 16509 (AMAZON-02)
4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 18.66.112.8 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 151.101.64.84 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.180.198 15169 (GOOGLE)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.217.174.97 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 35.190.113.31 15169 (GOOGLE)
1 52.217.195.248 16509 (AMAZON-02)
1 143.204.215.111 16509 (AMAZON-02)
2 130.211.23.194 15169 (GOOGLE)
2 2 2.19.35.65 16625 (AKAMAI-AS)
6 23.37.42.132 16625 (AKAMAI-AS)
2 2 198.148.27.139 19189 (PULSEPOINT)
2 3 34.242.140.136 16509 (AMAZON-02)
1 1 52.55.14.74 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:400... 54113 (FASTLY)
1 8.39.36.142 26667 (RUBICONPR...)
1 1 3.229.187.21 14618 (AMAZON-AES)
1 54.87.129.189 14618 (AMAZON-AES)
6 10 69.173.144.138 26667 (RUBICONPR...)
10 12 142.251.39.34 15169 (GOOGLE)
2 4 52.94.220.185 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 52.46.143.56 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 54.161.107.103 14618 (AMAZON-AES)
1 76.223.111.18 16509 (AMAZON-02)
1 13.32.27.127 16509 (AMAZON-02)
1 92.123.38.97 16625 (AKAMAI-AS)
1 2600:9000:211... 16509 (AMAZON-02)
3 2.18.233.180 16625 (AKAMAI-AS)
1 162.19.138.83 16276 (OVH)
1 52.209.167.52 16509 (AMAZON-02)
2 13.32.99.55 16509 (AMAZON-02)
1 72.251.249.9 32475 (SINGLEHOP...)
1 35.186.253.211 15169 (GOOGLE)
1 2 185.86.137.132 201081 (SMARTADSE...)
5 5 3.126.56.137 16509 (AMAZON-02)
1 69.166.1.10 27630 (AS-XFERNET)
6 54.239.168.49 16509 (AMAZON-02)
3 9 198.47.127.18 3257 (GTT-BACKB...)
2 4 198.47.127.20 62713 (AS-PUBMATIC)
3 98.98.134.243 21859 (ZEN-ECN)
1 3 198.47.127.19 3257 (GTT-BACKB...)
1 4 185.80.39.216 27381 (CASALE-MEDIA)
2 2 162.19.80.92 16276 (OVH)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 1 185.29.134.244 30419 (MEDIAMATH...)
4 12 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.181 1299 (TWELVE99 ...)
3 6 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
5 5 52.30.134.174 16509 (AMAZON-02)
1 1 185.86.137.110 201081 (SMARTADSE...)
1 1 52.205.53.251 14618 (AMAZON-AES)
2 2 151.101.130.49 54113 (FASTLY)
1 1 35.214.223.115 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
2 2 213.19.147.44 26120 (RHYTHMONE)
1 162.55.120.196 24940 (HETZNER-AS)
1 173.231.180.197 32475 (SINGLEHOP...)
1 1 141.95.171.140 16276 (OVH)
1 1 146.59.148.16 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
2 2 37.157.4.25 198622 (ADFORM)
3 3 3.122.66.11 16509 (AMAZON-02)
1 1 51.255.68.171 16276 (OVH)
1 1 159.65.194.197 14061 (DIGITALOC...)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 37.252.171.84 29990 (ASN-APPNEX)
1 2 52.86.202.16 14618 (AMAZON-AES)
1 35.186.193.173 ()
1 1 52.220.229.2 ()
1 2 52.7.44.10 ()
1 2 77.243.60.138 ()
2 2 35.201.96.126 ()
1 185.64.189.229 ()
1 1 141.94.171.216 ()
320 115
Apex Domain
Subdomains
Transfer
39 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
ads.pubmatic.com — Cisco Umbrella Rank: 481
image8.pubmatic.com — Cisco Umbrella Rank: 594
image4.pubmatic.com — Cisco Umbrella Rank: 824
image6.pubmatic.com — Cisco Umbrella Rank: 716
simage2.pubmatic.com — Cisco Umbrella Rank: 641
image2.pubmatic.com — Cisco Umbrella Rank: 852
simage4.pubmatic.com — Cisco Umbrella Rank: 1176
aud.pubmatic.com
42 KB
26 975now.com
975now.com
210 KB
25 wostreaming.net
v7player.wostreaming.net — Cisco Umbrella Rank: 56672
prt.wostreaming.net — Cisco Umbrella Rank: 97193
live.wostreaming.net — Cisco Umbrella Rank: 62076
prod-54-87-129-189.wostreaming.net
3 MB
22 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 835
eus.rubiconproject.com — Cisco Umbrella Rank: 529
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4959
token.rubiconproject.com — Cisco Umbrella Rank: 563
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
38 KB
22 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
ad.doubleclick.net — Cisco Umbrella Rank: 161
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
133 KB
15 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
40 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
55 KB
13 google.com
apis.google.com — Cisco Umbrella Rank: 92
region1.analytics.google.com — Cisco Umbrella Rank: 4762
www.google.com — Cisco Umbrella Rank: 2
accounts.google.com — Cisco Umbrella Rank: 71
224 KB
11 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1488
htlb.casalemedia.com — Cisco Umbrella Rank: 482
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
8 KB
11 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
85 KB
8 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3593
cdn.undertone.com — Cisco Umbrella Rank: 5890
usr.undertone.com — Cisco Umbrella Rank: 3945
5 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
2 KB
7 youtube.com
www.youtube.com — Cisco Umbrella Rank: 73
127 KB
7 consensu.org
cdn.conversant.mgr.consensu.org — Cisco Umbrella Rank: 38524
api.conversant.mgr.consensu.org — Cisco Umbrella Rank: 40481
205 KB
7 townsquare.media
townsquare.media — Cisco Umbrella Rank: 23276
398 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
2 KB
6 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2866
synchrobox.adswizz.com — Cisco Umbrella Rank: 6471
cdn.adswizz.com — Cisco Umbrella Rank: 10187
delivery-cdn-cf.adswizz.com — Cisco Umbrella Rank: 4723
22 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 414
6 KB
6 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3751
sync.serverbid.com — Cisco Umbrella Rank: 8287
x.serverbid.com — Cisco Umbrella Rank: 8966
3 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 740
syndication.twitter.com — Cisco Umbrella Rank: 1034
152 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
2 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
55 B
4 atemda.com
p287.atemda.com — Cisco Umbrella Rank: 188716
gc-ue2.atemda.com — Cisco Umbrella Rank: 434065
atemda.com — Cisco Umbrella Rank: 4844
6 KB
4 openx.net
townsquaremedia-d.openx.net — Cisco Umbrella Rank: 42616
u.openx.net — Cisco Umbrella Rank: 653
rtb.openx.net — Cisco Umbrella Rank: 1546
us-u.openx.net — Cisco Umbrella Rank: 411
947 B
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1230
ad.crwdcntrl.net — Cisco Umbrella Rank: 7177
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
530 B
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 937
trc-events.taboola.com — Cisco Umbrella Rank: 1573
172 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
177 KB
4 townsquareblogs.com
cdn.production.townsquareblogs.com — Cisco Umbrella Rank: 48552
103 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24144
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26541
740 B
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 578
573 B
3 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1433
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532
1 KB
3 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2701
210 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 897
api.btloader.com — Cisco Umbrella Rank: 1011
14 KB
3 solutionshindsight.net
static.solutionshindsight.net — Cisco Umbrella Rank: 33180
33 KB
3 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1200
39 KB
3 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 2616
log.pinterest.com — Cisco Umbrella Rank: 3632
19 KB
3 instagram.com
platform.instagram.com — Cisco Umbrella Rank: 7871
www.instagram.com — Cisco Umbrella Rank: 1236
5 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
imasdk.googleapis.com — Cisco Umbrella Rank: 405
348 KB
2 fiftyt.com
visitor.fiftyt.com
625 B
2 semasio.net
uipglob.semasio.net
1 KB
2 audrte.com
a.audrte.com
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 204
2 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 566
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
1 KB
2 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12965
pixel.onaudience.com
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1844
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 534
749 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4459
562 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 972
819 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 518
966 B
2 amazonaws.com
tsm-css.s3.amazonaws.com — Cisco Umbrella Rank: 289268
s3.amazonaws.com
22 KB
2 media6degrees.com
action.media6degrees.com — Cisco Umbrella Rank: 5399
382 B
2 dstillery.com
action.dstillery.com — Cisco Umbrella Rank: 6048
280 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1010
1 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
49 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 690
358 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1148
contextual.media.net — Cisco Umbrella Rank: 540
8 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 510
eb2.3lift.com — Cisco Umbrella Rank: 335
691 B
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1377
4 KB
2 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1452
sync.go.sonobi.com — Cisco Umbrella Rank: 816
1 KB
2 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1363
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6041
564 B
2 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 20273
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2838
722 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 154
2 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1307
15 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
144 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
14 KB
1 gammaplatform.com
cm-supply-web.gammaplatform.com
649 B
1 ctnsnet.com
ipac.ctnsnet.com
369 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3458
463 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 710
518 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2014
555 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 2734
536 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2401
382 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16075
367 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1303
282 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5627
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5149
277 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 752
227 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
613 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 639
589 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 658
363 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
725 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1494
366 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1484
181 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1315
297 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
277 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 413
1 KB
1 amperwave.net
api.clarity.amperwave.net — Cisco Umbrella Rank: 164234
2 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 367
707 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 267
17 KB
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4004
598 B
1 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 2256
645 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 802
356 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
27 KB
1 net.
doi3unldljdx6.cloudfront.net.
43 KB
0 targetspot.com Failed
nodeny.targetspot.com Failed
320 100
Domain Requested by
26 975now.com 975now.com
doi3unldljdx6.cloudfront.net.
22 v7player.wostreaming.net 975now.com
v7player.wostreaming.net
15 www.google-analytics.com 975now.com
www.google-analytics.com
v7player.wostreaming.net
12 simage2.pubmatic.com 4 redirects ads.pubmatic.com
sync.serverbid.com
12 cm.g.doubleclick.net 10 redirects
9 image8.pubmatic.com 3 redirects ads.pubmatic.com
sync.serverbid.com
8 match.adsrvr.org js-sec.indexww.com
sync.serverbid.com
cdn.undertone.com
ssum-sec.casalemedia.com
ads.pubmatic.com
8 apis.google.com 975now.com
doi3unldljdx6.cloudfront.net.
accounts.google.com
www.youtube.com
apis.google.com
7 www.youtube.com doi3unldljdx6.cloudfront.net.
www.youtube.com
7 stats.g.doubleclick.net 975now.com
www.google-analytics.com
7 townsquare.media 975now.com
doi3unldljdx6.cloudfront.net.
6 image2.pubmatic.com 3 redirects ads.pubmatic.com
6 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
sync.serverbid.com
6 pixel.rubiconproject.com 2 redirects cdn.undertone.com
6 eus.rubiconproject.com v7player.wostreaming.net
eus.rubiconproject.com
doi3unldljdx6.cloudfront.net.
cdn.undertone.com
6 ssl.gstatic.com accounts.google.com
975now.com
5 match.prod.bidr.io 5 redirects
5 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
cdn.undertone.com
ssum-sec.casalemedia.com
5 ib.adnxs.com 4 redirects cdn.production.townsquareblogs.com
5 www.facebook.com doi3unldljdx6.cloudfront.net.
connect.facebook.net
975now.com
5 fonts.gstatic.com fonts.googleapis.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 ups.analytics.yahoo.com 4 redirects
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 cdn.conversant.mgr.consensu.org doi3unldljdx6.cloudfront.net.
cdn.conversant.mgr.consensu.org
4 connect.facebook.net 975now.com
doi3unldljdx6.cloudfront.net.
v7player.wostreaming.net
connect.facebook.net
4 platform.twitter.com 975now.com
doi3unldljdx6.cloudfront.net.
4 cdn.production.townsquareblogs.com 975now.com
cdn.production.townsquareblogs.com
3 x.bidswitch.net 3 redirects
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 pixel-sync.sitescout.com cdn.undertone.com
ssum-sec.casalemedia.com
sync.serverbid.com
3 image4.pubmatic.com 2 redirects sync.serverbid.com
3 x.serverbid.com sync.serverbid.com
ads.pubmatic.com
3 ads.pubmatic.com doi3unldljdx6.cloudfront.net.
sync.serverbid.com
3 ssl.p.jwpcdn.com v7player.wostreaming.net
3 synchroscript.deliveryengine.adswizz.com 2 redirects cdn.adswizz.com
3 static.solutionshindsight.net doi3unldljdx6.cloudfront.net.
3 api.conversant.mgr.consensu.org cdn.conversant.mgr.consensu.org
3 fastlane.rubiconproject.com cdn.production.townsquareblogs.com
3 c.amazon-adsystem.com 975now.com
c.amazon-adsystem.com
3 secure.cdn.fastclick.net 975now.com
doi3unldljdx6.cloudfront.net.
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 a.audrte.com 1 redirects
2 dpm.demdex.net 1 redirects sync.serverbid.com
2 c1.adform.net 2 redirects
2 um.simpli.fi 1 redirects sync.serverbid.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net ads.pubmatic.com
sync.serverbid.com
2 sync.1rx.io 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 d5p.de17a.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 sync.smartadserver.com 1 redirects sync.serverbid.com
2 pr-bh.ybp.yahoo.com 1 redirects sync.serverbid.com
2 gc-ue2.atemda.com 975now.com
2 bh.contextweb.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 api.btloader.com doi3unldljdx6.cloudfront.net.
btloader.com
2 imasdk.googleapis.com v7player.wostreaming.net
imasdk.googleapis.com
2 action.media6degrees.com 975now.com
2 action.dstillery.com 2 redirects
2 ad-delivery.net 975now.com
2 accounts.google.com doi3unldljdx6.cloudfront.net.
975now.com
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 pagead2.googlesyndication.com doi3unldljdx6.cloudfront.net.
imasdk.googleapis.com
2 onetag-sys.com cdn.production.townsquareblogs.com
doi3unldljdx6.cloudfront.net.
2 a.teads.tv cdn.production.townsquareblogs.com
doi3unldljdx6.cloudfront.net.
2 e.serverbid.com cdn.production.townsquareblogs.com
sync.serverbid.com
2 g2.gumgum.com cdn.production.townsquareblogs.com
2 www.google.de 975now.com
2 region1.analytics.google.com 975now.com
2 trc-events.taboola.com 975now.com
2 syndication.twitter.com platform.twitter.com
975now.com
2 sb.scorecardresearch.com doi3unldljdx6.cloudfront.net.
975now.com
2 securepubads.g.doubleclick.net doi3unldljdx6.cloudfront.net.
www.googletagservices.com
2 i.clean.gg doi3unldljdx6.cloudfront.net.
2 cdn.taboola.com 975now.com
doi3unldljdx6.cloudfront.net.
2 www.googletagmanager.com 975now.com
doi3unldljdx6.cloudfront.net.
2 assets.pinterest.com 975now.com
doi3unldljdx6.cloudfront.net.
2 www.instagram.com 1 redirects 975now.com
2 js-sec.indexww.com 975now.com
doi3unldljdx6.cloudfront.net.
1 pixel.onaudience.com 1 redirects
1 aud.pubmatic.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 delivery-cdn-cf.adswizz.com synchroscript.deliveryengine.adswizz.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 ad.turn.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com sync.serverbid.com
1 dsp.nrich.ai 1 redirects
1 idsync.frontend.weborama.fr sync.serverbid.com
1 mwzeom.zeotap.com sync.serverbid.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 pixel.advertising.com 1 redirects
1 us-u.openx.net cdn.undertone.com
1 sync.go.sonobi.com sync.serverbid.com
1 rtb.openx.net sync.serverbid.com
1 ap.lijit.com sync.serverbid.com
1 cdn.adswizz.com sync.serverbid.com
1 synchrobox.adswizz.com sync.serverbid.com
1 id5-sync.com
1 cdn.undertone.com doi3unldljdx6.cloudfront.net.
1 u.openx.net doi3unldljdx6.cloudfront.net.
1 contextual.media.net doi3unldljdx6.cloudfront.net.
1 sync.serverbid.com doi3unldljdx6.cloudfront.net.
1 eb2.3lift.com doi3unldljdx6.cloudfront.net.
1 api.clarity.amperwave.net imasdk.googleapis.com
1 px.ads.linkedin.com
1 prod-54-87-129-189.wostreaming.net
1 live.wostreaming.net 1 redirects
1 pixel-us-west.rubiconproject.com
1 s0.2mdn.net imasdk.googleapis.com
1 atemda.com 975now.com
1 fksnk.com 1 redirects
1 prt.wostreaming.net v7player.wostreaming.net
1 s3.amazonaws.com 975now.com
1 p287.atemda.com v7player.wostreaming.net
1 tsm-css.s3.amazonaws.com client
1 ad.doubleclick.net 975now.com
1 btloader.com doi3unldljdx6.cloudfront.net.
1 log.pinterest.com 975now.com
1 www.google.com 975now.com
1 prebid.media.net cdn.production.townsquareblogs.com
1 krk.kargo.com cdn.production.townsquareblogs.com
1 hb.undertone.com cdn.production.townsquareblogs.com
1 hbopenbid.pubmatic.com cdn.production.townsquareblogs.com
1 tlx.3lift.com cdn.production.townsquareblogs.com
1 townsquaremedia-d.openx.net cdn.production.townsquareblogs.com
1 htlb.casalemedia.com cdn.production.townsquareblogs.com
1 apex.go.sonobi.com cdn.production.townsquareblogs.com
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 ad.crwdcntrl.net v7player.wostreaming.net
1 tags.crwdcntrl.net v7player.wostreaming.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 platform.instagram.com 1 redirects
1 www.googletagservices.com 975now.com
1 doi3unldljdx6.cloudfront.net. 975now.com
1 fonts.googleapis.com 975now.com
0 nodeny.targetspot.com Failed 975now.com
320 161
Subject Issuer Validity Valid
www4.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-30 -
2023-09-30
a year crt.sh
www6.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-10-06 -
2023-10-05
a year crt.sh
www8.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-02 -
2023-10-30
a year crt.sh
*.apis.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-01 -
2023-08-08
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2022-12-02 -
2023-12-02
a year crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2022-10-06 -
2023-11-06
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-10-01 -
2022-12-30
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.wostreaming.net
Amazon
2022-11-09 -
2023-12-09
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
i.clean.gg
GTS CA 1D4
2022-12-01 -
2023-03-01
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-05-31 -
2023-07-02
a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
cdn.conversant.mgr.consensu.org
R3
2022-12-19 -
2023-03-19
3 months crt.sh
www.google.de
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
gumgum.com
Amazon
2022-09-06 -
2023-10-05
a year crt.sh
*.consumableaudio.com
R3
2022-10-03 -
2023-01-01
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2021-12-08 -
2023-01-09
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
teads.tv
R3
2022-10-27 -
2023-01-25
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.undertone.com
Amazon
2022-09-03 -
2023-10-01
a year crt.sh
*.dev.kargo.com
Amazon
2022-03-01 -
2023-03-29
a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
*.conversant.mgr.consensu.org
GlobalSign RSA OV SSL CA 2018
2022-05-12 -
2023-06-13
a year crt.sh
*.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
www.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.de
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
solutionshindsight.net
Amazon
2022-12-21 -
2024-01-19
a year crt.sh
accounts.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.s3.amazonaws.com
Amazon
2022-09-21 -
2023-08-26
a year crt.sh
*.atemda.com
Go Daddy Secure Certificate Authority - G2
2022-01-10 -
2023-02-11
a year crt.sh
s3.amazonaws.com
Amazon
2022-04-01 -
2023-03-30
a year crt.sh
api.btloader.com
GTS CA 1D4
2022-12-18 -
2023-03-18
3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-11-26 -
2023-12-28
a year crt.sh
*.clarity.amperwave.net
Amazon
2022-06-22 -
2023-07-21
a year crt.sh
sync.serverbid.com
Amazon
2022-04-04 -
2023-05-03
a year crt.sh
*.id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
*.adswizz.com
Amazon
2022-07-22 -
2023-08-20
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-15 -
2023-01-15
a year crt.sh
s.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-21
a year crt.sh
d.adroll.com
Amazon RSA 2048 M01
2022-11-08 -
2023-12-07
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-31 -
2023-01-26
3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon
2022-07-20 -
2023-07-19
a year crt.sh
*.iprom.net
R3
2022-12-05 -
2023-03-05
3 months crt.sh
truffle.bid
R3
2022-12-21 -
2023-03-21
3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-01 -
2023-03-28
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
*.deliveryengine.adswizz.com
Amazon
2022-02-14 -
2023-03-15
a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA
2022-09-27 -
2023-03-08
5 months crt.sh

This page contains 47 frames:

Primary Page: https://975now.com/listen-live/
Frame ID: D8B0FC737D79BD3F39CD9D322FAB02DC
Requests: 150 HTTP requests in this frame

Frame: https://cdn.production.townsquareblogs.com/aleph/
Frame ID: B552B49DE66D506835F1166114DD6130
Requests: 3 HTTP requests in this frame

Frame: https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
Frame ID: 2C48BD27F73D2F12C942ED35A2878507
Requests: 43 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2F975now.com
Frame ID: D7EEFF42A22D5191F8287D39AD2CB659
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=975NowFM&count=hidden&layout=default&theme=default&origin=https%3A%2F%2F975now.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: ABD66B7F37E9754D34D1F2C03EC483D7
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.en.html
Frame ID: 3790F7DE4126DE86C209EEEEDF5D38C1
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F975now.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: D7F558AC5873EBCF9D069EC897DE7FEC
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCb4btd4E7sUlYDYzOfhB8uw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: F9EFDDB8EDD9EE926C39F799AD32756D
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=21134&endpoint=us-west
Frame ID: 70A4D22083C307B7B8992B36A3AF8A03
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 3208C1440767BBA1F33FCE48CA13E25C
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1302639166803547&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5ccb1f3735c7c%26domain%3D975now.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F975now.com%252Ff31531fd1130594%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2F975now&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Frame ID: 50A9DDE0C9862151E77D38E59A35CC64
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: D3BF9DB6A9B9E2BC51738AC878E3AE03
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1671770904293
Frame ID: 13D57EDEB20B4074D961EF8C68DD7702
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: 797E17CED9FE1AC2EAE104303828C5A6
Requests: 12 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 56BAE8DE2B14A7D12661AEFABD5CF067
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 5E204FED741DCEB51886EF5E648AABAE
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E06580B35D3DD38480867ED8EF38FC25
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 23999296F23688D2C405A5D24EED1CF9
Requests: 2 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 655D87854858EA04840AFC50CE0CB177
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: 4CF68E1063A5F23E81C1BAC9C879C4EC
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPkcVsAPkcVsAAXADAENCwCgAAAAAH_AAAAAAAASZAJMNW4gC7MscGbQMIoEQIwrCQigUAEFAMLRAQAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgAQCIQAMDAILACwMAgABANAxRCgAECQAyICIpTAgKgSCAlsqEEoLpDTCAKssAKARGwUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqKT0wAA.YAAAAAAAAAAA&d=https%3A%2F%2F975now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F6E357A0D77A4E037D69D27E297E66BD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: AF248D2E3DB84EC53D7F37D2CEB4F2EF
Requests: 20 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: EC2FD5DCC9EA2BE434452678D3F49659
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 886FA60028BFF3263FB5DAD9305F5498
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a98c63a5-331c-4100-bf49-b5dc057edfcd&gdpr=0&gdpr_consent=
Frame ID: C8C0A9839F5B8C0654FFEBAEA4395693
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 14F2665A3FB291E2F45A9BA20B614A2C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E016CDA3E36569987297FC8C6EFF72E1
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B1CF200B-ED1B-43F1-88E4-400A78A5198B&redir=true&gdpr=0&gdpr_consent=
Frame ID: C97F0B0CE998D54EA91A070F56F186BE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6203174611632902727&gdpr=0&gdpr_consent=
Frame ID: 6F45D98C0522836E03A3A7FE1A8A7F10
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Yjsb2Gc7S455Ok7ZZTlX3DAxTtV5PkuONWyAMaxQ
Frame ID: 890F7A35CA3D98E5A08F1EDAAB836442
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180201376267630734&gdpr=0&gdpr_consent=
Frame ID: 2E701A383553A9EA22173A6A8F0C63F0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAhJE7HSmYAACEnh2QMQw&gdpr=0&gdpr_consent=
Frame ID: AFBD43BE932A5241DDA0306CE7CB776F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lhmMcRkQR-RKkozNy2gKQrnVm6k
Frame ID: 2F5914B7A0F2CB6CEAB976186E75C5F0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6UzHAAAASeKDAAZ&gdpr=0&gdpr_consent=&_test=Y6UzHAAAASeKDAAZ
Frame ID: 4EFB824A8A79030D6B552A6A28F06A44
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 56EF23F949B3FD0336C633420134C0B5
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 23E2B974BEDC3E1A931F3F3B6D4CFE9B
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 72965D06146DDF80D234253068628EB6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5447924082
Frame ID: 64AC560932D035AB3A7DD60376E57647
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: C4F4FD36AF0FFDE5BC46D6679B064BC8
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 5114E21374BE70F89E2872727DA973D0
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=88dd61375ef2f20e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSSQQUbYTVnMXMXan
Frame ID: 3FEBFACFF0BB4F64290DBDF28C7CD62F
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=B1CF200B-ED1B-43F1-88E4-400A78A5198B
Frame ID: 26921DF35BD474538BDBA69D84AFB3A9
Requests: 1 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 0DD201B25C11C4BB38E4D27D4A508655
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1302639166803547&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9f338096688%26domain%3D975now.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F975now.com%252Ff31531fd1130594%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2F975now.com%2Flisten-live%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Frame ID: 1D358049B751BA66EC45AF46E307F6EA
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: C34B6E9F0F0A1C781632987BC4471109
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=15u6ooas9f7h
Frame ID: F9949A45369609EAB2FEF4DA790FFDCC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BFD270F183914856BF1E48A4E7BBAB43&gdpr=0&gdpr_consent=
Frame ID: 152CE73DCBE171FD219CAD69D4B7375B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

97.5 NOW FM - Listen Live

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

320
Requests

87 %
HTTPS

26 %
IPv6

100
Domains

161
Subdomains

115
IPs

13
Countries

5850 kB
Transfer

13431 kB
Size

122
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Request Chain 163
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WJIMFM&ncv=24 HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WJIMFM&ncv=24
Request Chain 164
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24 HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Request Chain 185
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=21134&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=21134&endpoint=us-west
Request Chain 186
  • https://bh.contextweb.com/bh/rtset?pid=560724&ev=D1712FD587A1C44E&rurl=https%3a%2f%2fgc-ue2.atemda.com%2fUserMatch.ashx%3fbidderid%3DGKvHaHB3U3GdVtJTjnLX7O%2fXL2cPAo9PraapRuHc4aC6bO6xMePXxGojjGPwO9tk%2bButD4gu%2fl2KI59qtgNXe928ttkbpn1gB%2fAkYb57ADw%3d%26bidderuid%3d%25%25VGUID%25%25 HTTP 302
  • https://gc-ue2.atemda.com/UserMatch.ashx?bidderid=GKvHaHB3U3GdVtJTjnLX7O/XL2cPAo9PraapRuHc4aC6bO6xMePXxGojjGPwO9tk+ButD4gu/l2KI59qtgNXe928ttkbpn1gB/AkYb57ADw=&bidderuid=JiEompyhTi82&ev=D1712FD587A1C44E&pid=560724
Request Chain 188
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fgc-ue2.atemda.com%2FUserMatch.ashx%3Fbidderid%3Dju4ARgHPtl3bzDas22HNE17NiSiHS3sF%2bopX%2bLYapExEzccJh9qojQbbqFU8A2LoDXCAvcNRiNsTMdrtm5zKM0mKre%2bKYAf3ldelPKFUIrI%3d%26bidderuid%3D%24%7BUID%7D HTTP 302
  • https://gc-ue2.atemda.com/UserMatch.ashx?bidderid=ju4ARgHPtl3bzDas22HNE17NiSiHS3sF+opX+LYapExEzccJh9qojQbbqFU8A2LoDXCAvcNRiNsTMdrtm5zKM0mKre+KYAf3ldelPKFUIrI=&bidderuid=9c45c8a1f701a44bf3bd2839e3097740
Request Chain 189
  • https://fksnk.com/cs/wo HTTP 302
  • https://atemda.com/UserMatch.ashx?bidderid=118&bidderuid=E5921868736836A7
Request Chain 199
  • https://live.wostreaming.net/manifest/townsquare-wjimfmaac-hlsc3.m3u8?source=v7player&user-id=bf128b3c712d26dfa59c68bdb4a706cb&us_privacy=1--- HTTP 302
  • https://prod-54-87-129-189.wostreaming.net/townsquare-wjimfmaac-hlsc3.m3u8?source=v7player&user-id=bf128b3c712d26dfa59c68bdb4a706cb&us_privacy=1---
Request Chain 200
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmE5MDBiNmU4ZGZkYzdiYmE1OTg3YzExNjMzZTFhMjRiYWM1MDhiYQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmE5MDBiNmU4ZGZkYzdiYmE1OTg3YzExNjMzZTFhMjRiYWM1MDhiYQ&google_tc=
Request Chain 201
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Yh1YRGm-SeuvDPHGiTBdbA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Yh1YRGm-SeuvDPHGiTBdbA
Request Chain 202
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC018DDZ-K-CVD7
Request Chain 203
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMwMThERFotSy1DVkQ3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMwMThERFotSy1DVkQ3&google_tc=
Request Chain 204
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=74F9DGeiStKwp25K8Zltrg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=74F9DGeiStKwp25K8Zltrg
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOkPT1k5kbkkrGulgNT7-2o&google_cver=1
Request Chain 207
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/sqLogridPwFGvSNMOeNH5w?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ZlqLeXNE2oKM38FaCfc5MTJdFlenUMEWoe8JqA--~A
Request Chain 228
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6UzG4UZ4Ac70Z2UgRvQtAAA%265131
Request Chain 230
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Request Chain 231
  • https://ups.analytics.yahoo.com/ups/58671/occ HTTP 302
  • https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-cXce.nFE2uHKh1HbmbMM2DLiBw7USmalsNskZq8-~A
Request Chain 232
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6203174611632902727
Request Chain 236
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 237
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=6203174611632902727
Request Chain 239
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-H_4KDTdE2uHTrVLyFbzWTlEIjOLAe7zu~A
Request Chain 242
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DB1CF200B-ED1B-43F1-88E4-400A78A5198B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B
Request Chain 244
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-cXce.nFE2uHKh1HbmbMM2DLiBw7USmalsNskZq8-~A
Request Chain 247
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6UzG4UZ4Ac70Z2UgRvQtAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJZUqoFGFPNui3hisd0Z20Y&google_cver=1
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6UzG4UZ4Ac70Z2UgRvQtAAAFAsAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDXfZtTrB9pD3jvVRPhQQlc&google_cver=1
Request Chain 251
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 254
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=1effc93b-f0e2-2867-bbc7b742
Request Chain 256
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a98c63a5-331c-4100-bf49-b5dc057edfcd&gdpr=0&gdpr_consent=
Request Chain 257
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2193928732539263481 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 260
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6203174611632902727&gdpr=0&gdpr_consent=
Request Chain 261
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Yjsb2Gc7S455Ok7ZZTlX3DAxTtV5PkuONWyAMaxQ
Request Chain 262
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180201376267630734&gdpr=0&gdpr_consent=
Request Chain 263
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBaEpFN0hTbVlBQUNFbmgyUU1Rdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAhJE7HSmYAACEnh2QMQw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAhJE7HSmYAACEnh2QMQw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAhJE7HSmYAACEnh2QMQw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8772423444955627747&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAhJE7HSmYAACEnh2QMQw&gdpr=0&gdpr_consent=
Request Chain 264
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lhmMcRkQR-RKkozNy2gKQrnVm6k
Request Chain 265
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y6UzHAAAASeKDAAZ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6UzHAAAASeKDAAZ&gdpr=0&gdpr_consent=&_test=Y6UzHAAAASeKDAAZ
Request Chain 266
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 267
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 269
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1671770908180 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5447924082
Request Chain 272
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=88dd61375ef2f20e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSSQQUbYTVnMXMXan
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sc8gC-0bQ_GI5EAKeKUZiw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 277
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4171290877 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B1CF200B-ED1B-43F1-88E4-400A78A5198B
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjFDRjIwMEItRUQxQi00M0YxLTg4RTQtNDAwQTc4QTUxOThC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE2zj_X1g8pqt56VBJDdTLc&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 282
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6600052789309305912
Request Chain 284
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9nPJrpVE2uXZcEoZWGLugeSBXII2Px0-~A&gdpr=0&gdpr_consent=
Request Chain 285
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3431d3f6-c4c7-4e61-bce4-f979f30dd97d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=4d6fa5dd-2658-47bb-9006-f5e1292a7e0a&expires=1&user_group=5&ssp=pubmatic&bsw_param=3431d3f6-c4c7-4e61-bce4-f979f30dd97d HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3431d3f6-c4c7-4e61-bce4-f979f30dd97d&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 288
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7112111c-8322-4166-ae13-f9e32a150ddd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DB1CF200B-ED1B-43F1-88E4-400A78A5198B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B
Request Chain 289
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3962522359522143904&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 290
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6203174611632902727 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 291
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=9c45c8a1f701a44bf3bd2839e3097740 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=9c45c8a1f701a44bf3bd2839e3097740
Request Chain 315
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=15u6ooas9f7h
Request Chain 316
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BFD270F183914856BF1E48A4E7BBAB43&gdpr=0&gdpr_consent=
Request Chain 317
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B HTTP 302
  • https://a.audrte.com/p
Request Chain 318
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B1CF200B-ED1B-43F1-88E4-400A78A5198B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B1CF200B-ED1B-43F1-88E4-400A78A5198B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 319
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B1CF200B-ED1B-43F1-88E4-400A78A5198B&addseg=19,36,42
Request Chain 320
  • https://pixel.onaudience.com/?partner=214&mapped=B1CF200B-ED1B-43F1-88E4-400A78A5198B&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

320 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
975now.com/listen-live/
86 KB
21 KB
Document
General
Full URL
https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
a4da91ed0e411547d3e8c29dbc4d65353ef1b4ab99f7bd06a97fa975c638942a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
no-cache
content-encoding
gzip
content-length
21031
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 04:48:22 GMT
etag
W/"15969-fajniHDhHQW0KAC/kfdiGw"
expires
Fri, 23 Dec 2022 04:48:21 GMT
gdpr-source
DE
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-abgroup
A
x-cache
MISS
x-device
desktop
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-ua-device
desktop
x-varnish
1785032466
base.css
975now.com/styles/desktop/
534 KB
115 KB
Stylesheet
General
Full URL
https://975now.com/styles/desktop/base.css?ver=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) / Express
Resource Hash
876b97c7f2cfcc175e1e7956a70abc529877cf8b702f6a1c20254421a89bccaa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:22 GMT
content-encoding
gzip
via
1.1 varnish
age
29208
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
117569
last-modified
Thu, 22 Dec 2022 20:41:35 GMT
server
ECS (frb/67F3)
etag
W/"856ab-yNu3jXGBeNWEShT+pmvSKw"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-varnish
2292081511
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:21 GMT
main.bundle.3951287eb84186bb92ac5f7368158bb5c70e6d13.js
townsquare.media/public/dist/desktop/
913 KB
237 KB
Script
General
Full URL
https://townsquare.media/public/dist/desktop/main.bundle.3951287eb84186bb92ac5f7368158bb5c70e6d13.js?mver=51&gver=3
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sgb/C6FD) / Express
Resource Hash
5344a56838387f8c7eb07e175b2915d9d6abdc1ddf8b6ea8e53b24c3ad5df10b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
B
date
Fri, 23 Dec 2022 04:48:23 GMT
content-encoding
gzip
via
1.1 varnish
age
30926
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
241757
last-modified
Tue, 20 Dec 2022 20:09:58 GMT
server
ECS (sgb/C6FD)
etag
W/"e4257-18531283a5f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2292242789 2291711259
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:22 GMT
css
fonts.googleapis.com/
22 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d05aa7fda69e5a6629806fe1b77d18eb6ce5a777eed211f77b51b728f62b4a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 04:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 03:09:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Dec 2022 04:48:22 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 03:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5026
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 23 Dec 2022 05:24:37 GMT
autotrack.carbon.js
townsquare.media/public/resources/js/
4 KB
2 KB
Script
General
Full URL
https://townsquare.media/public/resources/js/autotrack.carbon.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sgb/C725) / Express
Resource Hash
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:23 GMT
content-encoding
gzip
via
1.1 varnish
age
44901
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
2031
last-modified
Thu, 03 Oct 2019 21:10:27 GMT
server
ECS (sgb/C725)
etag
W/"119a-16d9375b3f4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2291771888 2288787648
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:22 GMT
script.js
doi3unldljdx6.cloudfront.net./
122 KB
43 KB
Script
General
Full URL
https://doi3unldljdx6.cloudfront.net./script.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7c00:7:7419:8e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2cb05c308e43ce50d204752327f4e4079ff7153e219b0e6e2b66985b2e4e0e92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
GdlHH7gj8OXFNmoS0E6ZkxYlPGg94ml0
content-encoding
gzip
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
date
Fri, 23 Dec 2022 04:44:26 GMT
last-modified
Thu, 22 Dec 2022 15:52:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
238
etag
W/"2c568d898b8d8dc285be3444122bf67d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
iu-UzRAU7HN5dRl0zBsue6DUuMOFlMlv4-dKI-zvrarw1V9TLooX0Q==
gpt.js
www.googletagservices.com/tag/js/
80 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1429 / 857 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Dec 2022 04:48:23 GMT
186854-113710634486999.js
js-sec.indexww.com/ht/p/
37 KB
13 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 23 Dec 2022 04:26:53 GMT
server
cloudflare
age
1164
etag
W/"da4961-930b-5f07731f7864a"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
77de76f06a7e9b9a-FRA
expires
Fri, 23 Dec 2022 08:48:23 GMT
pb.js
cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/
345 KB
102 KB
Script
General
Full URL
https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.218 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) / Express
Resource Hash
782cbc0b991e0fc6e42562851a7a83b4207a9fd8fd9b830050d8f793d781fb85
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
83082
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop, desktop
x-device
carbon, carbon
content-length
103636
last-modified
Thu, 22 Dec 2022 05:43:40 GMT
server
ECS (frb/668B)
etag
W/"56465-ebVNrXkCe6tHDApmFInmbQ"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-varnish
2282197985, 2282197977
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:21 GMT
platform.js
apis.google.com/js/
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 04:48:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20933
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"ec76424fc4148a81"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Dec 2022 04:48:23 GMT
ab12745d93c5.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
15 KB
5 KB
Script
General
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Server
2a03:2880:f207:e5:face:b00c:0:4420 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:54:25 GMT
content-encoding
br
x-fb-trip-id
1679558926
etag
"ab12745d93c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
4843

Redirect headers

date
Fri, 23 Dec 2022 04:48:23 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
cln
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control
max-age=21600
alt-svc
h3=":443"; ma=86400
content-length
0
pinit.js
assets.pinterest.com/js/
361 B
448 B
Script
General
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=300
accept-ranges
bytes
content-length
203
975.png
townsquare.media/site/692/files/2018/08/
14 KB
14 KB
Image
General
Full URL
https://townsquare.media/site/692/files/2018/08/975.png
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sgb/C7BA) / Express
Resource Hash
2feac74532150192c7e613da8fcaae0dc4c69f9227aa9f823bb994dccf0bec48
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:23 GMT
via
1.1 varnish
age
25497216
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
13982
last-modified
Fri, 13 Sep 2019 17:53:04 GMT
server
ECS (sgb/C7BA)
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-varnish
1831930809
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:22 GMT
cogitoergosum
975now.com/rest/high/api/
128 B
494 B
XHR
General
Full URL
https://975now.com/rest/high/api/cogitoergosum
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
989d966478017241f13944dd7b6a1ff77171ff643ce2eb45af3f54de5685c3b6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://975now.com/listen-live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 23 Dec 2022 04:48:22 GMT
server
nginx
etag
W/"80-xx4ftvq8NDg6P6BMVuY/xYTtIJs"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
content-length
128
expires
Fri, 23 Dec 2022 04:48:21 GMT
gtm.js
www.googletagmanager.com/
197 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K346HJZ
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
71a6b096b5ffdcd5d84ab086ddb84997e7e98e71b24291dd25681d6c9d870701
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70272
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Dec 2022 04:48:23 GMT
cmp.bundle.js
townsquare.media/public/resources/js/
185 KB
46 KB
Script
General
Full URL
https://townsquare.media/public/resources/js/cmp.bundle.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sgb/C68C) / Express
Resource Hash
9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
B
date
Fri, 23 Dec 2022 04:48:23 GMT
content-encoding
gzip
via
1.1 varnish
age
37289
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
46582
last-modified
Mon, 26 Oct 2020 18:28:53 GMT
server
ECS (sgb/C68C)
etag
W/"2e534-175662b957a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1777901527
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:22 GMT
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.141.138 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-141-138.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Fri, 23 Dec 2022 05:03:23 GMT
apstag.js
c.amazon-adsystem.com/aax2/
178 KB
45 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:44:55 GMT
content-encoding
gzip
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 18:13:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
209
x-amz-server-side-encryption
AES256
etag
W/"01691be6486b0003601b7299d35deebf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
M_pj316dzGMcajr1_-TMT_SRrlTXP_ryUEgz_Mb1H7ozVnvJ49G32A==
widgets.js
platform.twitter.com/
97 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:23 GMT
Content-Encoding
gzip
Age
907
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
29221
Last-Modified
Wed, 02 Nov 2022 19:43:37 GMT
Server
ECS (frb/67D5)
Etag
"6633f9603c759c40d9b200995454f17c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7df09d7c88b7597e8fe1025839401e454daf81d5e4c3a51ff79ce9e227849fde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 04:48:23 GMT
content-md5
anQnONpzn/oUlDF0TsE0WA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
/BIN+7jzNym3AN4kPdomIo9kGt5/Ysv2CVfbV7tJcrMtjhWZe/1kqbCOnlKdZfcQinT6Hin/WN81YTlBYCDMkg==
x-fb-trip-id
720026100
x-fb-content-md5
defb5588a9e6330dec4da0fe59f7bc64
cross-origin-opener-policy
same-origin-allow-popups
etag
"1ea29dd4a3c520a9c84c451c3919af02"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Dec 2022 04:54:04 GMT
loader.js
cdn.taboola.com/libtrc/townsquaremediatsm-network/
100 KB
26 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/townsquaremediatsm-network/loader.js
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38bd3f39132c26dfc8ea894c62aee1a5e91e77a5ee078308868a247c931a0c03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
6u0a_rWRA_ZOdO.pgo4904DtETzbn1kH
content-encoding
gzip
via
1.1 varnish
date
Fri, 23 Dec 2022 04:48:23 GMT
x-amz-request-id
FVTW3Y5F8JZ9WMW3
age
2
x-cache
HIT
content-length
26171
x-amz-id-2
fFN1QmUxOw47k/kvvEtIXyTyyXQweqn8auOkLYzx+xGFhvBD7nIjSuWTH4t19uypLTASvT9ASSg=
x-served-by
cache-hhn-etou8220072-HHN
last-modified
Thu, 22 Dec 2022 17:53:29 GMT
server
AmazonS3
x-timer
S1671770903.320519,VS0,VE1
etag
"2f2f78273dfc209a41572c1998ab6bf7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
54
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
/
cdn.production.townsquareblogs.com/aleph/ Frame B552
2 KB
902 B
Document
General
Full URL
https://cdn.production.townsquareblogs.com/aleph/
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.218 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) / Express
Resource Hash
e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
213
cache-control
no-cache
content-encoding
gzip
content-length
708
content-type
text/html; charset=UTF-8
date
Fri, 23 Dec 2022 04:48:23 GMT
etag
W/"7dd-17eb77f59d2"
expires
Fri, 23 Dec 2022 04:48:22 GMT
gdpr-source
DE
last-modified
Tue, 01 Feb 2022 22:54:43 GMT
server
ECS (frb/675D)
vary
Accept-Encoding
via
1.1 varnish
x-abgroup
A
x-cache
HIT
x-powered-by
Express
x-varnish
1785023387 1785000070
wjimfm1.jpg
townsquare.media/site/692/files/2018/08/
29 KB
29 KB
Image
General
Full URL
https://townsquare.media/site/692/files/2018/08/wjimfm1.jpg
Requested by
Host: 975now.com
URL: https://975now.com/styles/desktop/base.css?ver=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sgb/C6C9) / Express
Resource Hash
4771dd78028f4fc52c31d3411917a7e0aa81151f0707465325ce66e79ea6d26d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:23 GMT
via
1.1 varnish
age
25869600
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
29658
last-modified
Sat, 12 Oct 2019 21:05:39 GMT
server
ECS (sgb/C6C9)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
844468753
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:22 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://975now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 19:33:00 GMT
x-content-type-options
nosniff
age
119723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 19:33:00 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://975now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 03:10:59 GMT
x-content-type-options
nosniff
age
92244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 03:10:59 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://975now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 22:18:08 GMT
x-content-type-options
nosniff
age
23415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 22:18:08 GMT
truncated
/
50 KB
50 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c

Request headers

Referer
Origin
https://975now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
font/opentype;charset=utf-8
5160
v7player.wostreaming.net/ Frame 2C48
2 KB
2 KB
Document
General
Full URL
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
24be12bb2ecb74456ea67838bf072c47cadeace3e157335747596a7f7300ad63

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Content-Length
1605
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Dec 2022 04:48:23 GMT
ETag
W/"645-1818c2c3b70"
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
X-Powered-By
Express
cogitoergosum
cdn.production.townsquareblogs.com/rest/high/api/ Frame B552
128 B
454 B
Fetch
General
Full URL
https://cdn.production.townsquareblogs.com/rest/high/api/cogitoergosum
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/aleph/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.218 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
18ac825a3f9402c89eafd6c75bebd8ea0e988ed04ff12091ef8fc1b44989bb87
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://cdn.production.townsquareblogs.com/aleph/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
server
nginx
etag
W/"80-MuihsW/o0gbyXcajNeIaTnr5OQw"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
carbon
content-length
128
expires
Fri, 23 Dec 2022 04:48:22 GMT
cogitoergosum
cdn.production.townsquareblogs.com/rest/high/api/ Frame B552
128 B
424 B
Fetch
General
Full URL
https://cdn.production.townsquareblogs.com/rest/high/api/cogitoergosum
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/aleph/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.218 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
18ac825a3f9402c89eafd6c75bebd8ea0e988ed04ff12091ef8fc1b44989bb87
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://cdn.production.townsquareblogs.com/aleph/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
server
nginx
etag
W/"80-MuihsW/o0gbyXcajNeIaTnr5OQw"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
carbon
content-length
128
expires
Fri, 23 Dec 2022 04:48:22 GMT
identity
api.rlcdn.com/api/
44 B
356 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://975now.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/
63 B
386 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186854
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
daddc4cac9219428b7b5e9c9fcd71dcb2000a836abd3ed406fdb4393b4f04b35

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://975now.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 22 Jan 2023 04:48:23 GMT
1a
i.clean.gg/
0
15 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://975now.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 23 Dec 2022 04:48:23 GMT
server
nginx/1.21.6
via
1.1 google
headerstats
as-sec.casalemedia.com/
0
495 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=254982&u=https%3A%2F%2F975now.com%2Flisten-live%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVJ0h5m82pBkl9DOsbeIOzZmK1i5oxuE7cR0dRLPitRHo8pPZr6j3UdU07ZtdFSXVarJGeI6ZNljLLzbjt%2Bi1QqMI3ibYAO1HtTlA772mQA1EN4y2LFSjLRphD%2FDDeK%2FbVni9fe9YOk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://975now.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77de76f29cf168f8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.141.138 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-141-138.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Fri, 23 Dec 2022 05:03:23 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/
380 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 01:30:51 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
256 B
752 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=975now.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4514d24d95bede70c69e4a0630150f4c0866364fbdc1c3842ba1fbd8c660d02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
expires
Fri, 23 Dec 2022 04:48:23 GMT
config
c.amazon-adsystem.com/cdn/prod/
248 B
594 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3227&u=https%3A%2F%2F975now.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://975now.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
PhEWkiadtamC6OWMBIXT3xOycZ3enuGO7Wpczbb43MIIiaCOahLJnA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 01:06:55 GMT
x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
13289
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Y1hY3CHswhHJhVOpML9vom5QWnuiUm6LhM3-XTuLRo5S2eqzKBFLYA==
cc_af.js
tags.crwdcntrl.net/c/6395/ Frame 2C48
0
0
Script
General
Full URL
https://tags.crwdcntrl.net/c/6395/cc_af.js
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-80.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

var=lotameAudience
ad.crwdcntrl.net/5/c=6394/pe=y/ Frame 2C48
0
0
Script
General
Full URL
https://ad.crwdcntrl.net/5/c=6394/pe=y/var=lotameAudience
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.61.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-61-187.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

v7player-792bf3e9.css
v7player.wostreaming.net/ Frame 2C48
55 KB
56 KB
Stylesheet
General
Full URL
https://v7player.wostreaming.net/v7player-792bf3e9.css
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
7fa3e27dfae80b747a92d43d213c2936e0249f5ebe1709b7a486ce893d75ec68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:23 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"ddfd-1818c2c3b70"
X-Powered-By
Express
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56829
v7player-792bf3e9.js
v7player.wostreaming.net/ Frame 2C48
2 MB
2 MB
Script
General
Full URL
https://v7player.wostreaming.net/v7player-792bf3e9.js
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
ffff6b55ed28ee7e2dba13de6941cb4bdb984eac380a19ef20583dba2d29795f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:23 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"1aaceb-1818c2c3b70"
X-Powered-By
Express
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1748203
js
www.googletagmanager.com/gtag/
213 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GGT2X929YG&l=dataLayer&cx=c
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
704ba027c35fc792e85de1f4101a2340a5f4a2ff0262ee3b7093684d1aac262d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77120
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 23 Dec 2022 04:48:23 GMT
sdk.js
connect.facebook.net/en_US/
306 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f685e0df77772973c0c33e8850045bc1
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d1bda1899ff65d6976d36ab217c6df87122fe1e3f1698e1aa7084ef08eb5e36e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://975now.com/
Origin
https://975now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 04:48:23 GMT
content-md5
hk85FVeCjNgaAnH3Dv7vyA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88474
x-fb-rlafr
0
x-fb-debug
J11ZEGwOZpGWwTpDs3xqqjuyNzSkD8M5dDJiy3IeNzZT0GC/FH+FBx3+mWspgH1gtegcXBxPjUtjvqSlfW9sCg==
x-fb-content-md5
7d2f0972f7054b1ea9ce14104adf56b6
cross-origin-opener-policy
same-origin-allow-popups
etag
"5189687b84e583b4417cd5f5f5f443be"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Dec 2023 02:37:15 GMT
impl.20221222-8-RELEASE.js
cdn.taboola.com/libtrc/
699 KB
145 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20221222-8-RELEASE.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a16d627fccd0fadd4f02db9de6a07c4e7ca17abcf832a0cf87b0374cbff64b2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
50BdW6qMuaL4JaTUWgXawQSLMOyqaSkT
content-encoding
br
via
1.1 varnish
date
Fri, 23 Dec 2022 04:48:23 GMT
x-amz-request-id
EZT0HV58X1F2MDW1
age
6467
x-cache
HIT
content-length
148539
x-amz-id-2
eEajxHqfX6jvB7d+JUvEq8p9Vn6hfPSnvX+22macOIfwYvAgbt8DYTnbA2Wb140/bJlxeY9/rwY=
x-served-by
cache-hhn-etou8220072-HHN
last-modified
Thu, 22 Dec 2022 11:00:36 GMT
server
AmazonS3-br
x-timer
S1671770904.663266,VS0,VE0
etag
"fd353293fc672a35b1079ac75f6fc865"
vary
Accept-Encoding
content-type
application/javascript
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
8027
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-2.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:05:37 GMT
content-encoding
gzip
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
78167
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
VdzhbRqEHCgXCp-4W_zhtTfS1k4pRFVD9Rnx_bO7m-M-6zYnWAVeWg==
widget_iframe.644279d1635fd969e87af94a98bd232b.html
platform.twitter.com/widgets/ Frame D7EE
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2F975now.com
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BD) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
104716
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Dec 2022 04:48:23 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 02 Nov 2022 19:36:59 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BD)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/
415 B
618 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=336
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://975now.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
415
expires
Fri, 23 Dec 2022 05:18:23 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
53 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.141.138 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-141-138.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Fri, 23 Dec 2022 05:03:23 GMT
settings
syndication.twitter.com/ Frame D7EE
1 KB
734 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=5eda12c238d0d946477d2f6f94b86bda50e93fef
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2F975now.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
10fc98318d2b1839f0d1783b5dc616cc96954174df0fd185f49a5a51d6b5e361
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time
112
date
Fri, 23 Dec 2022 04:48:23 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 23 Dec 2022 04:48:23 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
0bbafb74eb909fb4
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
8400cb0b2434a02f9e7a2fc0b300bb58c023dc0836914cedd37aae4da22bf51b
content-length
413
pinit_main.js
assets.pinterest.com/js/
66 KB
19 KB
Script
General
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.8243368441449332
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"3725764cf05d1a0938de73d398772331"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=300
accept-ranges
bytes
content-length
18679
debug
trc-events.taboola.com/townsquaremediatsm-975now/log/2/
0
90 B
Image
General
Full URL
https://trc-events.taboola.com/townsquaremediatsm-975now/log/2/debug?tim=04%3A48%3A23.781&type=info&msg=https%3A%2F%2F975now.com%2Flisten-live%2F&llvl=2&id=6554&cv=20221222-8-RELEASE&lt=deflated&pct=1
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14753
gdpr-cmp-bootstrap.js
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/
307 KB
68 KB
Script
General
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.149.237 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-149-237.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5ce585015433e8c2e3488acd77585474b2b452580f49529a8633be8fa053773

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 16:07:33 GMT
server
Apache
etag
"4cd44-5dd1830eaa2ac-gzip"
vary
Accept-Encoding
access-control-max-age
3600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
69090
collect
region1.analytics.google.com/g/
0
343 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-YK10KSJT9K&gtm=2oebu0&_p=2020690957&_gaz=1&cid=344673256.1671770903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671770903&sct=1&seg=0&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&dt=97.5%20NOW%20FM%20-%20Listen%20Live&uid=f2be344e-cba0-5ee9-b424-07feec1de7f4&en=page_view&_fv=1&_ss=1&ep.call_sign=WJIMFM&ep.site_classification=Local&ep.genre=pop&ep.market=Lansing&ep.site_type=Local&ep.tags=&ep.categories=&ep.gtm_version=48&ep.page_type=listen-live&ep.author=&ep.publish_date=&ep.view_type=standard&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&up.aleph_id=f2be344e-cba0-5ee9-b424-07feec1de7f4
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://975now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GGT2X929YG&gtm=2oebu0&_p=2020690957&_gaz=1&cid=344673256.1671770903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671770903&sct=1&seg=0&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&dt=97.5%20NOW%20FM%20-%20Listen%20Live&uid=f2be344e-cba0-5ee9-b424-07feec1de7f4&en=page_view&_fv=1&_ss=1&ep.call_sign=WJIMFM&ep.site_classification=Local&ep.genre=pop&ep.market=Lansing&ep.site_type=Local&ep.tags=&ep.categories=&ep.gtm_version=48&ep.page_type=listen-live&ep.author=&ep.publish_date=&ep.view_type=standard&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&up.aleph_id=f2be344e-cba0-5ee9-b424-07feec1de7f4
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://975now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
343 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GGT2X929YG&cid=344673256.1671770903&gtm=2oebu0&aip=1&uid=f2be344e-cba0-5ee9-b424-07feec1de7f4
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://975now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GGT2X929YG&cid=344673256.1671770903&gtm=2oebu0&aip=1&uid=f2be344e-cba0-5ee9-b424-07feec1de7f4&z=1736779297
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cogitoergosum
975now.com/rest/high/api/
128 B
337 B
Fetch
General
Full URL
https://975now.com/rest/high/api/cogitoergosum
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
47676f84abdd2c392404db444032b095faa0845a828957dd6f6ebd281e89b4e4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://975now.com/listen-live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Dec 2022 04:48:24 GMT
server
nginx
etag
W/"80-WAcLKGdDYtbAFT8sti5EwqV6iko"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
content-length
128
expires
Fri, 23 Dec 2022 04:48:23 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=1302639166803547&input_token&origin=1&redirect_uri=https%3A%2F%2F975now.com%2Flisten-live%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Fri, 23 Dec 2022 04:48:24 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
kR5p+0IOSRL0StYhLNTIOwwPUcycMwcbSeY9Fj9e56ZoHUceheODECd8dSLVpmaJaVqfk3uXQZB0Hcu2pmfWEA==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://975now.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
chunk-5.5bb797fa2d805bd583e9.1671480485891.js
975now.com/public/dist/chunks/
6 KB
2 KB
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-5.5bb797fa2d805bd583e9.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) / Express
Resource Hash
402a85b5cb3b9b63fdfefc53be24269bc8547dfd5c57ef341bc5e4878b8a9d2f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
via
1.1 varnish
age
30245
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
2148
last-modified
Tue, 20 Dec 2022 20:10:04 GMT
server
ECS (frb/6760)
etag
W/"178a-185312852a6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2292081887 2291864299
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
chunk-23.59810b4c0bad44bdb301.1671480485891.js
975now.com/public/dist/chunks/
658 B
779 B
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-23.59810b4c0bad44bdb301.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) / Express
Resource Hash
1b78062fd602e653c1eefccf152d1fce46f6929ad8d5b53f78383dd5127237f5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:24 GMT
via
1.1 varnish
age
29359
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
658
last-modified
Tue, 20 Dec 2022 20:09:57 GMT
server
ECS (frb/6760)
etag
W/"292-185312837ef"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1779616396 1779585439
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
chunk-20.f7841577ce3521f569b1.1671480485891.js
975now.com/public/dist/chunks/
806 B
917 B
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-20.f7841577ce3521f569b1.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) / Express
Resource Hash
52898b6fa287f2454428170402474408e5c20323aee0bad6ee1e1cb70180e819
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:24 GMT
via
1.1 varnish
age
29359
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
806
last-modified
Tue, 20 Dec 2022 20:09:57 GMT
server
ECS (frb/67D4)
etag
W/"326-185312837ef"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1779616397 1779585331
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
chunk-22.6de938cd8afec09171b6.1671480485891.js
975now.com/public/dist/chunks/
1 KB
920 B
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-22.6de938cd8afec09171b6.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674B) / Express
Resource Hash
2e7771833e3970c8b2969d8037065c1fcc9b0e8aeca6079611e2381558e1347d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
via
1.1 varnish
age
29358
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
784
last-modified
Tue, 20 Dec 2022 20:09:59 GMT
server
ECS (frb/674B)
etag
W/"514-18531283f2a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1779905237 1779585575
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
chunk-21.ae23111e1c6601947422.1671480485891.js
975now.com/public/dist/chunks/
1016 B
1 KB
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-21.ae23111e1c6601947422.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) / Express
Resource Hash
b237ccfbe660d9be2bbab85986e1cf5ef1b4d99096613b8e24a6afc4dca196cf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:24 GMT
via
1.1 varnish
age
29208
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1016
last-modified
Tue, 20 Dec 2022 20:10:00 GMT
server
ECS (frb/67AA)
etag
W/"3f8-1853128450c"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1779616399
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
chunk-45.517c88e7fb9f9fd12807.1671480485891.js
975now.com/public/dist/chunks/
2 KB
941 B
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-45.517c88e7fb9f9fd12807.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) / Express
Resource Hash
fa66aca5d6c732ce42ef1219f5840cdacd6515b45115a9cfb51d69eee53b0249
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
via
1.1 varnish
age
29358
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
829
last-modified
Tue, 20 Dec 2022 20:09:57 GMT
server
ECS (frb/668B)
etag
W/"728-185312837f7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2292081923 2292051004
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
chunk-34.0c9bac494d3cbc4bbcec.1671480485891.js
975now.com/public/dist/chunks/
40 KB
12 KB
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-34.0c9bac494d3cbc4bbcec.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) / Express
Resource Hash
7fa3bd42ab5871f9255c0f54f0ab6fb65d782bdf63c79e689a13ea64cdd35cf7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
via
1.1 varnish
age
29208
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
12011
last-modified
Tue, 20 Dec 2022 20:09:59 GMT
server
ECS (frb/668C)
etag
W/"a09a-18531283f2a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1779616346
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
chunk-14.f317d8bc4953e49303e7.1671480485891.js
975now.com/public/dist/chunks/
27 KB
8 KB
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-14.f317d8bc4953e49303e7.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) / Express
Resource Hash
2a4794a5fad7bf658e4522f7b68f6e71938691465e7cfc14cadb8e109dae4ffa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
via
1.1 varnish
age
29358
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
7889
last-modified
Tue, 20 Dec 2022 20:09:57 GMT
server
ECS (frb/668A)
etag
W/"6ae3-185312837ef"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1779616400 1779585610
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
chunk-51.4a70d0cfbab9bb27bd7e.1671480485891.js
975now.com/public/dist/chunks/
2 KB
897 B
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-51.4a70d0cfbab9bb27bd7e.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) / Express
Resource Hash
7ee7901ec40e1bd240a3da86100fcb155fc2169bf2a3fabc860a4bea29bba3d5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
via
1.1 varnish
age
29208
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
806
last-modified
Tue, 20 Dec 2022 20:09:59 GMT
server
ECS (frb/6772)
etag
W/"663-18531283e53"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1779616356
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
wo
975now.com/rest/carbon/api/nowplaying/playertype/
208 B
331 B
Fetch
General
Full URL
https://975now.com/rest/carbon/api/nowplaying/playertype/wo
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) / Express
Resource Hash
1aa2ac9b66aef789c34e7b0391288cc8ceda2b18c6f474bfcfb94aa293e96a3b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:24 GMT
age
16
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
208
last-modified
Fri, 23 Dec 2022 04:48:08 GMT
server
ECS (frb/6793)
etag
W/"d0-QSZf5a1JI5BN9KWcHs1IISPWoU0"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
chunk-11.382183c7bf86287800a3.1671480485891.js
975now.com/public/dist/chunks/
967 B
1 KB
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-11.382183c7bf86287800a3.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) / Express
Resource Hash
20751d64251edf4ecf2e1e3cc4bbe212521d2252fc11d13fc86a4359914f53af
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:24 GMT
via
1.1 varnish
age
29208
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
967
last-modified
Tue, 20 Dec 2022 20:09:59 GMT
server
ECS (frb/6738)
etag
W/"3c7-18531283f26"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1779616351
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
chunk-12.114fb8ea181e01e93ded.1671480485891.js
975now.com/public/dist/chunks/
4 KB
2 KB
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-12.114fb8ea181e01e93ded.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6713) / Express
Resource Hash
d8b32397d085a6bfe86984167facd508076bfac95bd76d9cca580ff701f0ea0a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
via
1.1 varnish
age
29358
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1495
last-modified
Tue, 20 Dec 2022 20:09:59 GMT
server
ECS (frb/6713)
etag
W/"e03-18531283e4f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1779616410 1779585569
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
imp
g2.gumgum.com/hbid/
792 B
991 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1671770904183&to=0&aun=tsm-ad-728a&maxw=728&maxh=90&si=9152&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F975now.com%2Flisten-live%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.111.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-111-64.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
34c32ac95371e5f575f307f1e6d886f8b9052ecdeb46f9decd37b4e4b9f239bc

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://975now.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
792 B
991 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1671770904184&to=0&aun=tsm-ad-728b&maxw=728&maxh=90&si=9153&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F975now.com%2Flisten-live%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.111.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-111-64.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
98e0e2c1604d92dbca722c9c1498ab1e76834d8cfaa29d1f02c8ff4ffd6721b2

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://975now.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v2
e.serverbid.com/api/
16 B
386 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://975now.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
fastlane.json
fastlane.rubiconproject.com/a/api/
239 B
561 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836376&size_id=2&p_pos=atf&rf=https%3A%2F%2F975now.com%2Flisten-live%2F&kw=tsm-ad-728a&tk_flint=pbjs_lite_v6.9.0&x_source.tid=1e6b4d53-f61d-47cf-8e9e-c0e548421c9b&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.07027797485929477
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
98c9729b6be21d82fbcde2417b2ee6ffdfa020b3a1ae0de5a419422ae478c559

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://975now.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
239
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
239 B
563 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836376&size_id=2&rf=https%3A%2F%2F975now.com%2Flisten-live%2F&kw=tsm-ad-728b&tk_flint=pbjs_lite_v6.9.0&x_source.tid=2c6cc53b-502c-4c9d-bf37-655031175bbd&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.643145245949617
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a640e0d9b924e6ac6d1c222bfc1e1ee55f830ea4ab6ca0e998831237933419a8

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://975now.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
239
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
784 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836376&size_id=57&p_pos=atf&rf=https%3A%2F%2F975now.com%2Flisten-live%2F&kw=tsm-ad-970a&tk_flint=pbjs_lite_v6.9.0&x_source.tid=0427e5c5-42bd-4a2c-8416-66d46ae5f9b6&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3984911233916315
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
36876823e9a71754563dec62cf0bc59dc353648806459910c0ddd8cf99535e06

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://975now.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
240
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/
137 B
767 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22122ff008f0a384a%22%3A%22ea7911e26d411186eb66%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FLansing%2FWJIM%2Flisten-live%22%2C%22130565f729acee9%22%3A%226e36ff2b933db31e890f%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FLansing%2FWJIM%2Flisten-live%22%2C%2214c9a345c66d5ea%22%3A%2288e31f49e54a033259c1%7C970x250%7Cgpid%3D%2F8328825%2Flocal%2FLansing%2FWJIM%2Flisten-live%22%7D&ref=https%3A%2F%2F975now.com%2Flisten-live%2F&s=29063259-11b1-4336-a500-d9d83b0f1ff0&pv=02d60534-d68d-4e89-85a8-189169cb1d94&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
6cdf647f85a6afc3f24d19fe866bf8d91f1a40108b2cd7d851493635df41f98d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 04:48:24 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-71
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://975now.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
162
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/
37 B
564 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=272479&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22151a608bad4cbe2%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2F975now.com%2Flisten-live%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221601c225a403045%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22272479%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22173dfd4c4cbfdf2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22272480%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9da236ec81f184812e8a0f2f3503c881346d1cbef97c1ee472e6b778541ae8b3

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDWBANzRLo9Q3%2BJqMuGpoPmaLXc%2BpPZn8nkTCnty0bnAbwwOyXWrb2QxVdde5aDlBTWFDq0H78LjUqZPAb%2BA17PRo031LQ6oWIenDMk5c%2Fxs2ONqRMDp6072%2BSytpUZWmjak0SLa"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://975now.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77de76f77c966919-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/
19 B
825 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 04:48:24 GMT
AN-X-Request-Uuid
1cafe09e-b580-4e68-ad6e-20aabfef8fa4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://975now.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/
16 B
386 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://975now.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 23 Dec 2022 04:48:24 GMT
arj
townsquaremedia-d.openx.net/w/1.0/
74 B
375 B
XHR
General
Full URL
https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F975now.com%2Flisten-live%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1e6b4d53-f61d-47cf-8e9e-c0e548421c9b%2C2c6cc53b-502c-4c9d-bf37-655031175bbd%2C0427e5c5-42bd-4a2c-8416-66d46ae5f9b6&nocache=1671770904200&aus=728x90%7C728x90%7C970x250&divids=tsm-ad-728a%2Ctsm-ad-728b%2Ctsm-ad-970a&aucs=%2C%2C&auid=539829446%2C539829446%2C539829446&aumfs=250%2C250%2C250
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0ffd16515adc2d77b7c5228e87ecf4a89d2041806fc3d9eda5ecd76701764152

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://975now.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/
19 B
551 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.9.0&referrer=https%3A%2F%2F975now.com%2Flisten-live%2F&tmax=2000
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.173.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-173-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
x-auction-status
12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://975now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/
0
112 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://975now.com
date
Fri, 23 Dec 2022 04:48:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
hb.undertone.com/
0
556 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2552&domain=975now.com
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-14.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://975now.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
_ZRuIhn3W9Ty_DcYzQCiGSZ8LPLR6nTLhGhghUwdLnk6aFKnfMJrRg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
krk.kargo.com/api/v2/
2 B
645 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%228766ca82-d701-41ae-bc7f-fdfc59d76bdd%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1671770904206%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2247ad5e04ecdbd22%22%3A%22_wPlmCMrvTH%22%2C%2248b514004073ff9%22%3A%22_wPlmCMrvTH%22%2C%2249bdbfb74beb7fd%22%3A%22_wPlmCMrvTH%22%7D%2C%22bidSizes%22%3A%7B%2247ad5e04ecdbd22%22%3A%5B%5B728%2C90%5D%5D%2C%2248b514004073ff9%22%3A%5B%5B728%2C90%5D%5D%2C%2249bdbfb74beb7fd%22%3A%5B%5B970%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728a%22%2C%22transactionId%22%3A%221e6b4d53-f61d-47cf-8e9e-c0e548421c9b%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%2247ad5e04ecdbd22%22%2C%22bidderRequestId%22%3A%22463873b1d8bf686%22%2C%22auctionId%22%3A%22babcff48-c776-4ebe-aeef-4c43ffe8c99b%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728b%22%2C%22transactionId%22%3A%222c6cc53b-502c-4c9d-bf37-655031175bbd%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%2248b514004073ff9%22%2C%22bidderRequestId%22%3A%22463873b1d8bf686%22%2C%22auctionId%22%3A%22babcff48-c776-4ebe-aeef-4c43ffe8c99b%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-970a%22%2C%22transactionId%22%3A%220427e5c5-42bd-4a2c-8416-66d46ae5f9b6%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22bidId%22%3A%2249bdbfb74beb7fd%22%2C%22bidderRequestId%22%3A%22463873b1d8bf686%22%2C%22auctionId%22%3A%22babcff48-c776-4ebe-aeef-4c43ffe8c99b%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2F975now.com%2Flisten-live%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.142.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-142-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 04:48:24 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://975now.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
prebid
prebid.media.net/rtb/
338 B
596 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8be3b9c01943eae22432a7d1ccd42ab30447c9b1b07918b918fb5e5d7b5116e7

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://975now.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 23 Dec 2022 04:48:24 GMT
prebid-request
onetag-sys.com/
15 B
358 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=975now.com&v=3951287eb84186bb92ac5f7368158bb5c70e6d13&mver=51&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://975now.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
49 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91f9cf2a07a560cfc712b3fdf8912ffab988838f623b450331be85384590dc9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49445
x-xss-protection
0
server
cafe
etag
3054412351835165450
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 04:48:24 GMT
/
975now.com/internal-ad-api/
1 KB
573 B
Fetch
General
Full URL
https://975now.com/internal-ad-api/?kw[]=station-listen-live-player&kw[]=pagetype-listen-live&kw[]=hasonair&kw[]=listen-live-page&kw[]=ll-WJIMFM&kw[]=ll-5160&kw[]=device-desktop
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
66fea73d2bde03047e1392ca58ed7b1b59ff0b9f063e59e93dbbfe7a8132235a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
x-ua-device
desktop
x-device
desktop
content-length
506
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-varnish
1785032716
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
64 B
499 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2F975now.com%2Flisten-live%2F&pid=khcV7MnRIouJE&cb=0&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-970a%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FLansing%2FWJIM%2Ftsm-ad-970a%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22tsm-ad-728a%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FLansing%2FWJIM%2Ftsm-ad-728a%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22tsm-ad-728b%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FLansing%2FWJIM%2Ftsm-ad-728b%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
AB08Q6F6DRWXFFNHDQRW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://975now.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
45hTyp_-NrEAk5-XJuh0guWSwEaMSbVKnxz4grY_RRUITn4RuYArkg==
collect
stats.g.doubleclick.net/j/
1 B
22 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45652235-4&cid=344673256.1671770903&jid=1375415804&gjid=325960695&_gid=1780041790.1671770903&_u=6GBAgAADAAAAAE~&z=207260573
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 23 Dec 2022 04:48:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://975now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-19109753-1&cid=344673256.1671770903&jid=2106781534&gjid=499422588&_gid=1780041790.1671770903&_u=6GDAgAADAAAAAE~&z=1536261495
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 23 Dec 2022 04:48:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://975now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
22 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45652235-1&cid=344673256.1671770903&jid=311759424&gjid=1185359482&_gid=1780041790.1671770903&_u=6GDAgAADAAAAAE~&z=992307678
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 23 Dec 2022 04:48:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://975now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
22 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28825804-1&cid=344673256.1671770903&jid=1941461650&gjid=1277064155&_gid=1780041790.1671770903&_u=6GDAgAADAAAAAE~&z=939391182
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 23 Dec 2022 04:48:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://975now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
22 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45260060-4&cid=344673256.1671770903&jid=1635357238&gjid=1670152095&_gid=1780041790.1671770903&_u=6GDAgAADAAAAAE~&z=1291287963
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 23 Dec 2022 04:48:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://975now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
22 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45260060-9&cid=344673256.1671770903&jid=1648440572&gjid=1523952336&_gid=1780041790.1671770903&_u=6GDAgAADAAAAAE~&z=908364573
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 23 Dec 2022 04:48:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://975now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2020690957&t=pageview&_s=1&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&ul=en-us&de=UTF-8&dt=97.5%20NOW%20FM%20-%20Listen%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAgAAD~&jid=1375415804&gjid=325960695&cid=344673256.1671770903&tid=UA-45652235-4&_gid=1780041790.1671770903&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=listen-live&cd5=&cd6=&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&did=i5iSjo&z=639313871
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7116
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2020690957&t=pageview&_s=1&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&ul=en-us&de=UTF-8&dt=97.5%20NOW%20FM%20-%20Listen%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAgAADAAAAAE~&jid=2106781534&gjid=499422588&cid=344673256.1671770903&tid=UA-19109753-1&_gid=1780041790.1671770903&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=listen-live&cd5=&cd6=&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&did=i5iSjo&z=1372959978
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7116
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2020690957&t=pageview&_s=1&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&ul=en-us&de=UTF-8&dt=97.5%20NOW%20FM%20-%20Listen%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAgAADAAAAAE~&jid=311759424&gjid=1185359482&cid=344673256.1671770903&tid=UA-45652235-1&_gid=1780041790.1671770903&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=listen-live&cd5=&cd6=&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&did=i5iSjo&z=1178284535
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7116
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2020690957&t=pageview&_s=1&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&ul=en-us&de=UTF-8&dt=97.5%20NOW%20FM%20-%20Listen%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAgAADAAAAAE~&jid=1941461650&gjid=1277064155&cid=344673256.1671770903&tid=UA-28825804-1&_gid=1780041790.1671770903&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=listen-live&cd5=&cd6=&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&did=i5iSjo&z=1512089322
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7116
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2020690957&t=pageview&_s=1&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&ul=en-us&de=UTF-8&dt=97.5%20NOW%20FM%20-%20Listen%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAgAADAAAAAE~&jid=1635357238&gjid=1670152095&cid=344673256.1671770903&tid=UA-45260060-4&_gid=1780041790.1671770903&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=listen-live&cd5=&cd6=&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&did=i5iSjo&z=1445798041
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7116
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2020690957&t=pageview&_s=1&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&ul=en-us&de=UTF-8&dt=97.5%20NOW%20FM%20-%20Listen%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAgAADAAAAAE~&jid=1648440572&gjid=1523952336&cid=344673256.1671770903&tid=UA-45260060-9&_gid=1780041790.1671770903&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=listen-live&cd5=&cd6=&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&did=i5iSjo&z=1121823323
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7116
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
button.d2f864f87f544dc0c11d7d712a191c1f.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:24 GMT
Content-Encoding
gzip
Age
104718
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2362
Last-Modified
Wed, 02 Nov 2022 19:36:52 GMT
Server
ECS (frb/67D5)
Etag
"7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
euconsent
api.conversant.mgr.consensu.org/
105 B
289 B
XHR
General
Full URL
https://api.conversant.mgr.consensu.org/euconsent?configId=10164&cmpVersion=3.6.0&c=8151876988
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
d077bddddbdaa40522c86e8c7cbcd535f6abc3ff9e296c03f67a1c230941d0e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://975now.com
date
Fri, 23 Dec 2022 04:48:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx
vary
Origin
content-type
application/json
cogitoergosum
975now.com/rest/high/api/
22 B
89 B
Fetch
General
Full URL
https://975now.com/rest/high/api/cogitoergosum
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://975now.com/listen-live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Dec 2022 04:48:24 GMT
server
nginx
etag
W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
content-length
22
expires
Fri, 23 Dec 2022 04:48:23 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2020690957&t=event&_s=1&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&ul=en-us&de=UTF-8&dt=97.5%20NOW%20FM%20-%20Listen%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblock&ea=detection&el=off&_u=6GDAAAADAAAAAGg~&jid=415469010&gjid=1842314494&cid=344673256.1671770903&tid=UA-115003007-7&_gid=1780041790.1671770903&_r=1&_slc=1&did=i5iSjo&z=236131714
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://975now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
chunk-50.4e63e14ea1fb7462d61d.1671480485891.js
975now.com/public/dist/chunks/
767 B
879 B
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-50.4e63e14ea1fb7462d61d.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) / Express
Resource Hash
a22c518b7a7cb42d1ad2be8c60b63248ba3ef51189c2999603da60ecbd0cba3c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:24 GMT
via
1.1 varnish
age
29208
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
767
last-modified
Tue, 20 Dec 2022 20:09:58 GMT
server
ECS (frb/67BC)
etag
W/"2ff-18531283bed"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2292081992
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:23 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/
243 KB
83 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a025aa3113d6218e4969be6cf96f623b11d8f9b0ce204844882ebd5090913d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 06:38:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84851
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 06:38:42 GMT
subscribe_embed
www.youtube.com/ Frame ABD6
2 KB
2 KB
Document
General
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channel=975NowFM&count=hidden&layout=default&theme=default&origin=https%3A%2F%2F975now.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33065136be1cbda35cef776911bed5d7ee5c7158d611de0c83bcaf81f949aaa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Fri, 23 Dec 2022 04:48:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/
738 B
508 B
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_1?le=scs
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c1f2766775d6451f14b4d26af1e09104d13b2b4e20745980a2f662c60a45b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 19:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
482
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 19:22:31 GMT
debug
trc-events.taboola.com/townsquaremediatsm-975now/log/2/
0
89 B
Image
General
Full URL
https://trc-events.taboola.com/townsquaremediatsm-975now/log/2/debug?tim=04%3A48%3A24.596&type=usage&msg=rtus&llvl=2&id=5045&cv=20221222-8-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=ccpaApiFail&extraData=%7B%7D
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14608
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://975now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 19:33:08 GMT
x-content-type-options
nosniff
age
119716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 19:33:08 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-19109753-1&cid=344673256.1671770903&jid=2106781534&_u=6GDAgAADAAAAAE~&z=1761911390
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-19109753-1&cid=344673256.1671770903&jid=2106781534&_u=6GDAgAADAAAAAE~&z=1761911390
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geo
v7player.wostreaming.net/ Frame 2C48
395 B
506 B
XHR
General
Full URL
https://v7player.wostreaming.net/geo
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/v7player-792bf3e9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
9667402dd5fdcb5e5491eacd701a8b509d3ecf038f56c697c8c66fd5a869806a

Request headers

Accept
application/json, text/plain, */*
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:25 GMT
content-encoding
gzip
server
nginx/1.18.0
X-Powered-By
Express
vary
Accept-Encoding
content-type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
249
teju-webclient.min.js
static.solutionshindsight.net/teju-webclient/
106 KB
31 KB
Script
General
Full URL
https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1266de99e3e50f86b52fbfdaec5629e956f1f5b6137013ba2fdb9a77b00365db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:26 GMT
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 16:52:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
"d694d398e1c132e0693428f32f6cbb39"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
31633
x-amz-cf-id
66rTuI-eDeKOJoquOiyucE0boDG0pMMSiRys6GB3VOoXdrv_q-1u6g==
tag.js
a.teads.tv/analytics/
11 KB
4 KB
Script
General
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
XRZFPSYY0E4RF6F6
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
o2U2o0XivKKb+Q+7FfcyGHRH0xxVADJjOKHkF2QPQdd89LzzQGXebMnj5iIIuXhOMmGRxWISJuY=
vendor-list.json
cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/
399 KB
53 KB
XHR
General
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/vendor-list.json
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.149.237 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-149-237.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d753c69717b244a5225324ebbb4af652e067b9856b9081cf21c672f0dd7d9017

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:24 GMT
content-encoding
gzip
last-modified
Thu, 22 Dec 2022 16:15:01 GMT
server
Apache
etag
"63b0a-5f06cf89bd400-gzip"
vary
Accept-Encoding
access-control-max-age
3600
content-type
application/json
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
53773
www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame ABD6
38 KB
6 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=975NowFM&count=hidden&layout=default&theme=default&origin=https%3A%2F%2F975now.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channel=975NowFM&count=hidden&layout=default&theme=default&origin=https%3A%2F%2F975now.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 10:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583772
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6066
x-xss-protection
0
last-modified
Wed, 18 Nov 2020 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Dec 2023 10:38:53 GMT
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame ABD6
252 KB
72 KB
Script
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=975NowFM&count=hidden&layout=default&theme=default&origin=https%3A%2F%2F975now.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channel=975NowFM&count=hidden&layout=default&theme=default&origin=https%3A%2F%2F975now.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 10:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583772
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73785
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Dec 2023 10:38:53 GMT
follow_button.644279d1635fd969e87af94a98bd232b.en.html
platform.twitter.com/widgets/ Frame 3790
41 KB
15 KB
Document
General
Full URL
https://platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.en.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
3c75e52a2ca2ffcc05363d11854f68977f2d376c15d231b396816e90bde25ad9

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
104719
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
15129
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Dec 2022 04:48:24 GMT
Etag
"acebd71e9c8affdc2fcc7f35e773093d+gzip"
Last-Modified
Wed, 02 Nov 2022 19:36:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67D5)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/
43 B
146 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2F975now.com%2Flisten-live%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22975now%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671770904940%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5eda12c238d0d946477d2f6f94b86bda50e93fef
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time
112
date
Fri, 23 Dec 2022 04:48:24 GMT
strict-transport-security
max-age=631138519
last-modified
Fri, 23 Dec 2022 04:48:24 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
4f0ca8ad9a1d19dd
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
8400cb0b2434a02f9e7a2fc0b300bb58c023dc0836914cedd37aae4da22bf51b
content-length
43
postmessageRelay
accounts.google.com/o/oauth2/ Frame D7F5
566 B
902 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F975now.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b727d69f232338b49fa71a59123cae5af40b4a655ee7efe04539ffc620fd1ef3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-TG-cBHZhZv3CTrolGcE1EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-TG-cBHZhZv3CTrolGcE1EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 04:48:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
event
api.conversant.mgr.consensu.org/gdpr/cmp/
0
116 B
XHR
General
Full URL
https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://975now.com
date
Fri, 23 Dec 2022 04:48:25 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin
gdpr-cmp-ui.js
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/
326 KB
82 KB
Script
General
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.149.237 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-149-237.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a0b81c9b9e3f5889faa9ae2bb61877b0ccaf5f5246a28d2d8576f29acb3dd485

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:25 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 16:07:33 GMT
server
Apache
etag
"5172d-5dd1830eaae64-gzip"
vary
Accept-Encoding
access-control-max-age
3600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
83280
truncated
/ Frame 3790
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame ABD6
156 B
179 B
Image
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 22:55:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Sep 2020 20:15:00 GMT
server
sffe
age
280396
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 19 Dec 2023 22:55:09 GMT
cspreport
accounts.google.com/o/ Frame D7F5
0
20 B
Other
General
Full URL
https://accounts.google.com/o/cspreport
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-l8IN9hQyV9DTauYJhRaeiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F975now.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-l8IN9hQyV9DTauYJhRaeiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
1832714284-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame D7F5
10 KB
5 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F975now.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 10:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4294
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 07:08:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Dec 2023 10:38:53 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame D7F5
17 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F975now.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a72a95f45380c28a3d910c4f43c02ce7992a1ba853f410f9f53a45f18433470b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 04:48:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6901
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"c75ce447b1f6d98e"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Dec 2022 04:48:25 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame ABD6
126 KB
42 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 06:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42491
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 06:31:34 GMT
en.json
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/
4 KB
1 KB
XHR
General
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/en.json
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.149.237 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-149-237.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:25 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 16:07:33 GMT
server
Apache
etag
"f30-5dd1830eac5d2-gzip"
vary
Accept-Encoding
access-control-max-age
3600
content-type
application/json
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
1178
b2
sb.scorecardresearch.com/
0
190 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671770903782&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=23&cs_cmp_sv=3&cs_cmp_rt=1599&c7=https%3A%2F%2F975now.com%2Flisten-live%2F&c8=97.5%20NOW%20FM%20-%20Listen%20Live&c9=
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-2.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:25 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
3XOzsK0YYLQZtUNSJuq_rSVi_PXwHGsa4h5UAmwdAMepJN9yWlIgow==
x-cache
Miss from cloudfront
event
api.conversant.mgr.consensu.org/gdpr/cmp/
0
115 B
XHR
General
Full URL
https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://975now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://975now.com
date
Fri, 23 Dec 2022 04:48:25 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin
analytics.js
www.google-analytics.com/ Frame 2C48
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/v7player-792bf3e9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 03:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5028
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 23 Dec 2022 05:24:37 GMT
forward.svg
v7player.wostreaming.net/assets/images/icons/ Frame 2C48
934 B
1 KB
Image
General
Full URL
https://v7player.wostreaming.net/assets/images/icons/forward.svg
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
d5467a654435a27baddfdbc6b5f2172f188d6cc12ed470471a91134788231596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:25 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"3a6-1818c2c3b70"
X-Powered-By
Express
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
934
search.svg
v7player.wostreaming.net/assets/images/icons/ Frame 2C48
291 B
605 B
Image
General
Full URL
https://v7player.wostreaming.net/assets/images/icons/search.svg
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3e31b332d9e80d487dc5b23a3e861bd942755b7afb0d7ae32e8b11a6cf8cf3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:25 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"123-1818c2c3b70"
X-Powered-By
Express
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
291
default-album-art.png
v7player.wostreaming.net/assets/images/ Frame 2C48
195 KB
0
Image
General
Full URL
https://v7player.wostreaming.net/assets/images/default-album-art.png
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:25 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"8aee3-1818c2c3b70"
X-Powered-By
Express
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
569059
station
v7player.wostreaming.net/ Frame 2C48
3 KB
3 KB
XHR
General
Full URL
https://v7player.wostreaming.net/station?uid=5160
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/v7player-792bf3e9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips / Express
Resource Hash
1d94d729b93a68de0e69f1a395afa9b45efc65d6216a9d552e71bb2ec9be88a2

Request headers

Accept
application/json, text/plain, */*
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:26 GMT
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
X-Powered-By
Express
transfer-encoding
chunked
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
Connection
keep-alive
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame D7F5
54 KB
19 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e533aa8b1cd8002c05dfd711e18ac03974ddaad1cd915004fd9b5c3aac50e377
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 19:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19257
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 19:03:53 GMT
OTc1bm93LmNvbQ==
static.solutionshindsight.net/assets/
2 KB
1 KB
Fetch
General
Full URL
https://static.solutionshindsight.net/assets/OTc1bm93LmNvbQ==
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c15053c3c9c18a6b5a07a60d84ac4e23c1541b7e850b98559f654a7db0e6bf68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
date
Fri, 23 Dec 2022 04:48:26 GMT
x-amz-cf-pop
FRA56-P5
x-cache
RefreshHit from cloudfront
last-modified
Thu, 24 Nov 2022 14:48:19 GMT
server
AmazonS3
etag
W/"7a4af99016e48f49f77714843b914ee1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
LtdwZzPMPyCNsPek1AOgNKobqNksOvJL8qbCBnn4JxJHTJmqG2RiYw==
5160
v7player.wostreaming.net/ Frame 2C48
2 KB
2 KB
Image
General
Full URL
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:25 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"645-1818c2c3b70"
X-Powered-By
Express
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1605
SanFranciscoDisplay-Regular.otf
v7player.wostreaming.net/assets/fonts/ Frame 2C48
213 KB
214 KB
Font
General
Full URL
https://v7player.wostreaming.net/assets/fonts/SanFranciscoDisplay-Regular.otf
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/v7player-792bf3e9.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e550048aa8208aa0e9ece114c913d2097d5ad65073bb86d8d88fa37f137d0370

Request headers

Referer
https://v7player.wostreaming.net/v7player-792bf3e9.css
Origin
https://v7player.wostreaming.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:25 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"35528-1818c2c3b70"
X-Powered-By
Express
Content-Type
font/otf
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
218408
SanFranciscoText-Bold.otf
v7player.wostreaming.net/assets/fonts/ Frame 2C48
207 KB
207 KB
Font
General
Full URL
https://v7player.wostreaming.net/assets/fonts/SanFranciscoText-Bold.otf
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/v7player-792bf3e9.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
ea9b259fd4b1dbbb36b4e8738052f58d84a0de21386423630388d11fc5692bfe

Request headers

Referer
https://v7player.wostreaming.net/v7player-792bf3e9.css
Origin
https://v7player.wostreaming.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:25 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"33be0-1818c2c3b70"
X-Powered-By
Express
Content-Type
font/otf
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
211936
/
log.pinterest.com/
0
338 B
Image
General
Full URL
https://log.pinterest.com/?type=pidget&guid=PwSGr5tPHxoo&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2F975now.com%2Flisten-live%2F
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 23 Dec 2022 04:48:25 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
4
x-pinterest-rid
8728153540864017
content-length
0
x-served-by
cache-hhn-etou8220098-HHN
pragma
no-cache
server
envoy
x-timer
S1671770906.573210,VS0,VE30
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
cb=gapi.loaded_2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/
27 KB
9 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_2?le=scs
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
411f21278180f62617f63716ff8a7db529f1f322e1dd4edc6723989c7fbe1a29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 19:12:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9143
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 19:12:00 GMT
subscribe_embed
www.youtube.com/ Frame F9EF
604 B
296 B
Document
General
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCb4btd4E7sUlYDYzOfhB8uw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63ca3c78b1248e597d3d7e20ab2598deb13bd79f8af8c2c3e110801ddafb715d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Fri, 23 Dec 2022 04:48:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
43 B
65 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 13:17:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
574226
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 16 Dec 2023 13:17:59 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
43 B
65 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 17:15:50 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
559955
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 16 Dec 2023 17:15:50 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
318 B
341 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 09:53:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
154521
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Dec 2023 09:53:04 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
116 B
139 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 18:13:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
297277
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 19 Dec 2023 18:13:48 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
117 B
140 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 18:58:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
121802
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Dec 2023 18:58:23 GMT
www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame F9EF
9 KB
2 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCb4btd4E7sUlYDYzOfhB8uw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCb4btd4E7sUlYDYzOfhB8uw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 05:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83980
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2447
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 01:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Dec 2023 05:28:45 GMT
www-subscribe-embed-card_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame F9EF
149 KB
44 KB
Script
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCb4btd4E7sUlYDYzOfhB8uw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCb4btd4E7sUlYDYzOfhB8uw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 10:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583772
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44975
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Dec 2023 10:38:53 GMT
tag
btloader.com/
93 KB
14 KB
Script
General
Full URL
https://btloader.com/tag?o=5642230212591616&upapi=true
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d9a27fd9dae745efd1e5cfa8230966e755516501b152a8a9783ed4045d3ead0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:25 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Dec 2022 04:22:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1533
etag
W/"138b68441215f64763e7de4a1faed221"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0ue4qxnh4uahV7gix0BUm29DljwYs3%2FdVCosNrZwSOpCBxlYMDMGxqkn6vbB7DJrfSKFHoVPC1TQ70s6hwM2tpL%2FKSu3Iz%2BNDl%2FSdm8gWm3cU6WvD1iJYWQo6sVK2htlcUWAqm0clm%2FUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
77de7701fc45bb50-FRA
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame F9EF
126 KB
42 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 06:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42491
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 06:31:34 GMT
wp-banners.js
static.solutionshindsight.net/teju-webclient/
264 B
572 B
Script
General
Full URL
https://static.solutionshindsight.net/teju-webclient/wp-banners.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:26 GMT
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 16:52:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
"5aa985d82f419ff61902a2b0028be12f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
190
x-amz-cf-id
X_1SdmacbupKVTXq2XlN8b9DBxX70c08QsgaTTbTtgzeUTOJoD07Ow==
px.gif
ad-delivery.net/
43 B
948 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227691
x-guploader-uploadid
ADPycdtcZgdRu0Dbe_-zY88bQ8eIM69ORy5rFnERfb9QLa8uwe4zq9JKKnYv9jLk9eVUM-X-OLZWrFIeMh91sZ7iOqav3FUDQGrE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBQrNgt63dD3dCzW2cdGV%2F0VShtSuqvwHG5dmZK5qXVNOZIb%2FqavHWljrV5HAcvuZeks5dHbu2jsfMF2LUppzMjJHDYocimoQwSvM8R45TaWt7Ga9cl%2FPf%2Br%2F47%2FsQ4YDoIOfzpVeXiqpXa9SA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
77de77025e9592b4-FRA
expires
Tue, 20 Dec 2022 14:23:16 GMT
favicon.ico
ad.doubleclick.net/
1 KB
664 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 14:11:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 14:11:53 GMT
px.gif
ad-delivery.net/
43 B
337 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.45937746086958886
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227691
x-guploader-uploadid
ADPycdtcZgdRu0Dbe_-zY88bQ8eIM69ORy5rFnERfb9QLa8uwe4zq9JKKnYv9jLk9eVUM-X-OLZWrFIeMh91sZ7iOqav3FUDQGrE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7ptx3ycZdFH7tzvyYT%2FNPGlhLFcx62dNfx0X0YyQ%2FCsgADuBri7eoZD3VH7nrXQxwU86Y35C34q18Zdg2ZnrAUV6u9u5ewsuxNQ5Cr4kyVLXFV7VY7QVblcP0Gv9HE9FYke9JyeQ72G4uwr6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
77de77025e9792b4-FRA
expires
Tue, 20 Dec 2022 14:23:16 GMT
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WJIMFM&ncv=24
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WJIMFM&ncv=24
5 B
152 B
Script
General
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WJIMFM&ncv=24
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Server
2606:4700::6812:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=ISO-8859-1
content-language
de-DE
access-control-allow-origin
*
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
77de770768179064-FRA

Redirect headers

location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WJIMFM&ncv=24
access-control-allow-origin
*
date
Fri, 23 Dec 2022 04:48:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
77de77037cee9064-FRA
content-type
text/html; charset=iso-8859-1
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
5 B
230 B
Script
General
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Server
2606:4700::6812:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=ISO-8859-1
content-language
de-DE
access-control-allow-origin
*
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
77de770768159064-FRA

Redirect headers

location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
access-control-allow-origin
*
date
Fri, 23 Dec 2022 04:48:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
77de77037cef9064-FRA
content-type
text/html; charset=iso-8859-1
tsm-v7.css
tsm-css.s3.amazonaws.com/listenlive/wo/ Frame 2C48
722 B
1 KB
Stylesheet
General
Full URL
https://tsm-css.s3.amazonaws.com/listenlive/wo/tsm-v7.css
Requested by
Host: client
URL: about:client
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.174.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a210472ac38302d7409cf51d970a784328f08d693bff372227dfc68b29c01b64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:27 GMT
Last-Modified
Wed, 29 Apr 2020 17:59:54 GMT
Server
AmazonS3
x-amz-request-id
RSYAMNYXRQ1TV5PF
ETag
"b2118a1be965a762626abf980e0f8f0f"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
722
x-amz-id-2
mTmCduvU0pLefY5yKXFPV19OYgkD/xyDWYwxdRXdQSB3b8eOqeDCnHTZ4AUnxXOTmEnBvMf6yWc=
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2C48
372 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/v7player-792bf3e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Fri, 23 Dec 2022 04:48:26 GMT
sdk.js
connect.facebook.net/en_US/ Frame 2C48
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/v7player-792bf3e9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7df09d7c88b7597e8fe1025839401e454daf81d5e4c3a51ff79ce9e227849fde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 04:48:26 GMT
content-md5
anQnONpzn/oUlDF0TsE0WA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
/BIN+7jzNym3AN4kPdomIo9kGt5/Ysv2CVfbV7tJcrMtjhWZe/1kqbCOnlKdZfcQinT6Hin/WN81YTlBYCDMkg==
x-fb-content-md5
defb5588a9e6330dec4da0fe59f7bc64
cross-origin-opener-policy
same-origin-allow-popups
etag
"1ea29dd4a3c520a9c84c451c3919af02"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Dec 2022 04:54:04 GMT
comments_icon.svg
v7player.wostreaming.net/assets/images/icons/ Frame 2C48
2 KB
2 KB
Image
General
Full URL
https://v7player.wostreaming.net/assets/images/icons/comments_icon.svg
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
3b04308443b1a7829221d8b70278c8c241b72915951855c9e13199a5502dedbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:26 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"805-1818c2c3b70"
X-Powered-By
Express
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2053
play_icon.svg
v7player.wostreaming.net/assets/images/icons/ Frame 2C48
566 B
880 B
Image
General
Full URL
https://v7player.wostreaming.net/assets/images/icons/play_icon.svg
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
8480f9d30431883d66ead66d489fb5b84e55fec1ef298740d5e9057ac6fab7ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:26 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"236-1818c2c3b70"
X-Powered-By
Express
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
566
mute_icon.svg
v7player.wostreaming.net/assets/images/icons/ Frame 2C48
1 KB
1 KB
Image
General
Full URL
https://v7player.wostreaming.net/assets/images/icons/mute_icon.svg
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
a4328f84095d3a834c790d9a4443a2595e56cb67ad6451a9a4b2c457c13bd2ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:26 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"455-1818c2c3b70"
X-Powered-By
Express
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1109
rewind-icon.svg
v7player.wostreaming.net/assets/images/icons/ Frame 2C48
191 B
504 B
Image
General
Full URL
https://v7player.wostreaming.net/assets/images/icons/rewind-icon.svg
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
92366a2c5ab614cb93515a1f7283ea8d144f206a6a8c211037f4e8814cdf9e85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:26 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"bf-1818c2c3b70"
X-Powered-By
Express
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
191
forward-icon.svg
v7player.wostreaming.net/assets/images/icons/ Frame 2C48
191 B
504 B
Image
General
Full URL
https://v7player.wostreaming.net/assets/images/icons/forward-icon.svg
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
44083192a7c5ab22067a368f343e7748df51112eb2fca560382de61a6ae438e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:26 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"bf-1818c2c3b70"
X-Powered-By
Express
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
191
close.svg
v7player.wostreaming.net/assets/images/icons/ Frame 2C48
933 B
1 KB
Image
General
Full URL
https://v7player.wostreaming.net/assets/images/icons/close.svg
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
2a8e9133bf942e3ab0adb33fba5caffa5c1b9c0030c1c10b30649c43ecfa0390

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:26 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"3a5-1818c2c3b70"
X-Powered-By
Express
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
933
image
v7player.wostreaming.net/ Frame 2C48
135 KB
136 KB
Image
General
Full URL
https://v7player.wostreaming.net/image?src=%2F%2Fs3.amazonaws.com%2FTSM-Mobile%2Fweb%2FWJIMFM_wideorbitbg.jpg&cb=1655914119000
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
AmazonS3 / Express
Resource Hash
1726a6b151460112b54d7c2bd823147bf5b5b30eeb8a7bac83cf417871f3dcbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:27 GMT
last-modified
Wed, 20 Jun 2018 21:40:52 GMT
server
AmazonS3
x-amz-request-id
RSYA8KX8W776RAHR
etag
"e3984d8262cd36cb44d112e16197a5b9"
X-Powered-By
Express
content-type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
accept-ranges
bytes
Content-Length
138669
x-amz-id-2
+oR93XS7ghGPfdA30GPWaSZsKUL7EQ9vTq6XhChq1WJIEBEq8/HLszwdWHf908iFT9QMoOvYN+c=
jsonusermatch.ashx
p287.atemda.com/ Frame 2C48
2 KB
3 KB
XHR
General
Full URL
https://p287.atemda.com/jsonusermatch.ashx?pbId=287&pId0=121246582&uid=bf128b3c712d26dfa59c68bdb4a706cb&pc=1&rank0=1&ssl=1
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/v7player-792bf3e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.113.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.113.190.35.bc.googleusercontent.com
Software
/
Resource Hash
994110725b2c091b245271931293a3171a9ae7b55104b2018d22f2ea541abaa3

Request headers

Accept
application/json, text/plain, */*
Referer
https://v7player.wostreaming.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:25 GMT
via
1.1 google
access-control-allow-methods
GET
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP NID BUS UNI COM NAV INT STA OTC CURa ADMa DEVa PSAa PSDa OUR"
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
2519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jwplayer.js
v7player.wostreaming.net/assets/vendor/jwplayer/ Frame 2C48
112 KB
113 KB
Script
General
Full URL
https://v7player.wostreaming.net/assets/vendor/jwplayer/jwplayer.js
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/v7player-792bf3e9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6b2f387031c2c3711da5a43718d4582b57241542568b0e486c7f4a028d6d5344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:26 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"1c184-1818c2c3b70"
X-Powered-By
Express
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115076
WJIMFM_wideorbitlogo.png
s3.amazonaws.com/TSM-Mobile/web/ Frame 2C48
20 KB
20 KB
Image
General
Full URL
https://s3.amazonaws.com/TSM-Mobile/web/WJIMFM_wideorbitlogo.png
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.195.248 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e7b459d354bdd2193c0b951801d62b5a054b7c1b41e2aac3047a01e3be6ece9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:27 GMT
Last-Modified
Wed, 20 Jun 2018 21:40:56 GMT
Server
AmazonS3
x-amz-request-id
RSYFN534P9RYHYTK
ETag
"60574721443dae91540de4f59bb56bdd"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
20599
x-amz-id-2
kGPQTX+ypcvwtBNX9vzMwAwxqfqAqfUKZjEo1CzRAlwZwQLUxTK67twUnsOBwmdeuH+WAccDhBU=
ads.js
v7player.wostreaming.net/ Frame 2C48
0
334 B
Script
General
Full URL
https://v7player.wostreaming.net/ads.js
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/v7player-792bf3e9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:26 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"0-1818c2c3b70"
X-Powered-By
Express
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
nowplaying.json
prt.wostreaming.net/prt/nowplaying/2/20/3635/ Frame 2C48
19 B
564 B
XHR
General
Full URL
https://prt.wostreaming.net/prt/nowplaying/2/20/3635/nowplaying.json
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/v7player-792bf3e9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-111.fra53.r.cloudfront.net
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
bde44eccac80c71dd86d89030245d1b2e605e94d2b00159a421797000a75475a

Request headers

Accept
application/json, text/plain, */*
Referer
https://v7player.wostreaming.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:25 GMT
Via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
X-Amz-Cf-Pop
FRA53-C1
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Origin
https://v7player.wostreaming.net
X-Cache
Miss from cloudfront
Cache-Control
max-age=30
Connection
keep-alive
Content-Length
19
X-Amz-Cf-Id
CIK03esSkIRHA3YfZXW0DISOm0QFjx_gG8KYLNzKN88DuYpAgntacQ==
country
api.btloader.com/
16 B
203 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:26 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=uz9GLaX7Ua&w=5740800060162048&o=5642230212591616&cv=2.1.03-1-g6247d5c&r=false&vr=1600x1200&pageURL=https%3A%2F%2F975now.com%2Flisten-live%2F&sid=YGscQBRs&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 23 Dec 2022 04:48:26 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
sdk.js
connect.facebook.net/en_US/ Frame 2C48
306 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f685e0df77772973c0c33e8850045bc1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d1bda1899ff65d6976d36ab217c6df87122fe1e3f1698e1aa7084ef08eb5e36e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://v7player.wostreaming.net/
Origin
https://v7player.wostreaming.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 04:48:26 GMT
content-md5
hk85FVeCjNgaAnH3Dv7vyA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88474
x-fb-rlafr
0
x-fb-debug
J11ZEGwOZpGWwTpDs3xqqjuyNzSkD8M5dDJiy3IeNzZT0GC/FH+FBx3+mWspgH1gtegcXBxPjUtjvqSlfW9sCg==
x-fb-content-md5
7d2f0972f7054b1ea9ce14104adf56b6
cross-origin-opener-policy
same-origin-allow-popups
etag
"5189687b84e583b4417cd5f5f5f443be"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Dec 2023 02:37:15 GMT
status
www.facebook.com/x/oauth/ Frame 2C48
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2F975now.com&client_id=142428785927889&input_token&origin=1&redirect_uri=https%3A%2F%2Fv7player.wostreaming.net%2F5160%3FplayerUrl%3Dhttps%253A%252F%252F975now.com%252Flisten-live%252F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f685e0df77772973c0c33e8850045bc1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Fri, 23 Dec 2022 04:48:26 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
LGOaHNRYMIr3YuwCVWeZf6SzmBiroaG8s27JSBJ9LBrDJ7KOHHOc7nOZvouyKxVTbkEruZfvvlRKk3EOmCaP+g==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://v7player.wostreaming.net
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 2C48
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=142428785927889&ev=fb_page_view&dl=https%3A%2F%2Fv7player.wostreaming.net%2F5160%3FplayerUrl%3Dhttps%253A%252F%252F975now.com%252Flisten-live%252F&rl=https%3A%2F%2F975now.com%2F&if=true&ts=1671770906271&sw=1600&sh=1200&at=
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 23 Dec 2022 04:48:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
usync.html
eus.rubiconproject.com/ Frame 70A4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=21134&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=21134&endpoint=us-west
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=21134&endpoint=us-west
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/v7player-792bf3e9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://v7player.wostreaming.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Dec 2022 04:48:26 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Dec 2022 04:48:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=21134&endpoint=us-west
server
AkamaiGHost
UserMatch.ashx
gc-ue2.atemda.com/ Frame 2C48
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560724&ev=D1712FD587A1C44E&rurl=https%3a%2f%2fgc-ue2.atemda.com%2fUserMatch.ashx%3fbidderid%3DGKvHaHB3U3GdVtJTjnLX7O%2fXL2cPAo9PraapRuHc4aC6bO6xMePXxGojjGPwO9...
  • https://gc-ue2.atemda.com/UserMatch.ashx?bidderid=GKvHaHB3U3GdVtJTjnLX7O/XL2cPAo9PraapRuHc4aC6bO6xMePXxGojjGPwO9tk+ButD4gu/l2KI59qtgNXe928ttkbpn1gB/AkYb57ADw=&bidderuid=JiEompyhTi82&ev=D1712FD587A1...
43 B
906 B
Image
General
Full URL
https://gc-ue2.atemda.com/UserMatch.ashx?bidderid=GKvHaHB3U3GdVtJTjnLX7O/XL2cPAo9PraapRuHc4aC6bO6xMePXxGojjGPwO9tk+ButD4gu/l2KI59qtgNXe928ttkbpn1gB/AkYb57ADw=&bidderuid=JiEompyhTi82&ev=D1712FD587A1C44E&pid=560724
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Server
35.190.113.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.113.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:25 GMT
via
1.1 google
access-control-allow-methods
GET
p3p
CP="NOI DSP NID BUS UNI COM NAV INT STA OTC CURa ADMa DEVa PSAa PSDa OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 23 Dec 2022 04:48:26 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://gc-ue2.atemda.com/UserMatch.ashx?bidderid=GKvHaHB3U3GdVtJTjnLX7O/XL2cPAo9PraapRuHc4aC6bO6xMePXxGojjGPwO9tk+ButD4gu/l2KI59qtgNXe928ttkbpn1gB/AkYb57ADw=&bidderuid=JiEompyhTi82&ev=D1712FD587A1C44E&pid=560724
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7b977cc7b4-4t6t6
expires
-1
uuid
nodeny.targetspot.com/callback/ Frame 2C48
0
0

UserMatch.ashx
gc-ue2.atemda.com/ Frame 2C48
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fgc-ue2.atemda.com%2FUserMatch.ashx%3Fbidderid%3Dju4ARgHPtl3bzDas22HNE17NiSiHS3sF%2bopX%2bLYapExEzccJh9qojQbbqFU8A2LoDXCAvc...
  • https://gc-ue2.atemda.com/UserMatch.ashx?bidderid=ju4ARgHPtl3bzDas22HNE17NiSiHS3sF+opX+LYapExEzccJh9qojQbbqFU8A2LoDXCAvcNRiNsTMdrtm5zKM0mKre+KYAf3ldelPKFUIrI=&bidderuid=9c45c8a1f701a44bf3bd2839e309...
43 B
1 KB
Image
General
Full URL
https://gc-ue2.atemda.com/UserMatch.ashx?bidderid=ju4ARgHPtl3bzDas22HNE17NiSiHS3sF+opX+LYapExEzccJh9qojQbbqFU8A2LoDXCAvcNRiNsTMdrtm5zKM0mKre+KYAf3ldelPKFUIrI=&bidderuid=9c45c8a1f701a44bf3bd2839e3097740
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Server
35.190.113.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.113.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:26 GMT
via
1.1 google
access-control-allow-methods
GET
p3p
CP="NOI DSP NID BUS UNI COM NAV INT STA OTC CURa ADMa DEVa PSAa PSDa OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 23 Dec 2022 04:48:26 GMT

Redirect headers

Date
Fri, 23 Dec 2022 04:48:26 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
09d99250-827d-11ed-a7a7-029584a551d1
Instance-id
i-0c56dc140c0fb88f3
Location
https://gc-ue2.atemda.com/UserMatch.ashx?bidderid=ju4ARgHPtl3bzDas22HNE17NiSiHS3sF+opX+LYapExEzccJh9qojQbbqFU8A2LoDXCAvcNRiNsTMdrtm5zKM0mKre+KYAf3ldelPKFUIrI=&bidderuid=9c45c8a1f701a44bf3bd2839e3097740
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
UserMatch.ashx
atemda.com/ Frame 2C48
Redirect Chain
  • https://fksnk.com/cs/wo?
  • https://atemda.com/UserMatch.ashx?bidderid=118&bidderuid=E5921868736836A7
43 B
904 B
Image
General
Full URL
https://atemda.com/UserMatch.ashx?bidderid=118&bidderuid=E5921868736836A7
Requested by
Host: 975now.com
URL: https://975now.com/listen-live/
Protocol
H2
Server
35.190.113.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.113.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:26 GMT
via
1.1 google
access-control-allow-methods
GET
p3p
CP="NOI DSP NID BUS UNI COM NAV INT STA OTC CURa ADMa DEVa PSAa PSDa OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 23 Dec 2022 04:48:26 GMT

Redirect headers

location
https://atemda.com/UserMatch.ashx?bidderid=118&bidderuid=E5921868736836A7
date
Fri, 23 Dec 2022 04:48:26 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
image
v7player.wostreaming.net/ Frame 2C48
135 KB
136 KB
Image
General
Full URL
https://v7player.wostreaming.net/image?src=%2F%2Fs3.amazonaws.com%2FTSM-Mobile%2Fweb%2FWJIMFM_wideorbitbg.jpg&cb=1655914119000
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/v7player-792bf3e9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
AmazonS3 / Express
Resource Hash
1726a6b151460112b54d7c2bd823147bf5b5b30eeb8a7bac83cf417871f3dcbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:27 GMT
last-modified
Wed, 20 Jun 2018 21:40:52 GMT
server
AmazonS3
x-amz-request-id
RSY45HFM5BVN31TY
etag
"e3984d8262cd36cb44d112e16197a5b9"
X-Powered-By
Express
content-type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
accept-ranges
bytes
Content-Length
138669
x-amz-id-2
htkrbBtA3WsX31kuJcvZvWokaJvIgo/NJ5MUozP9UJtaVFO1H78id517g91a/gKvBsMLQnpBK/g=
usync.js
eus.rubiconproject.com/ Frame 70A4
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=21134&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd174ee329b0758153d639b11a90dd7d91b51d0dbd029506ba041aa43feb119a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=21134&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Dec 2022 15:36:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38904
Connection
keep-alive
Content-Length
10067
Expires
Fri, 23 Dec 2022 15:36:50 GMT
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 3208
693 KB
222 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v7player.wostreaming.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
185709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:13:17 GMT
expires
Thu, 21 Dec 2023 01:13:17 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 2C48
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 04:48:26 GMT
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.23.2/ Frame 2C48
62 KB
19 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.23.2/jwpsrv.js
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/assets/vendor/jwplayer/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d8de3829d2383650a9308f175c7017fe6f3a60c3888d6d61e089f9b19141323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:26 GMT
content-encoding
gzip
via
1.1 varnish
age
429
x-cache
HIT
content-length
18857
x-served-by
cache-hhn-etou8220036-HHN
last-modified
Fri, 29 Jul 2022 17:51:24 GMT
server
AmazonS3
x-timer
S1671770907.990018,VS0,VE1
etag
"662d21d9cc48caa9758882be57e10e92"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
1
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.23.2/ Frame 2C48
306 KB
78 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.23.2/jwplayer.core.controls.js
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/assets/vendor/jwplayer/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2671d7c7400b9398aea12a761c1f7bc098223f42e5a92f0eb3fa7bd94b54d58f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:26 GMT
content-encoding
gzip
via
1.1 varnish
age
1303089
x-cache
HIT
content-length
79857
x-served-by
cache-hhn-etou8220036-HHN
last-modified
Tue, 09 Nov 2021 01:47:43 GMT
server
AmazonS3
x-timer
S1671770907.990181,VS0,VE0
etag
"32c20a53ba64701a340ade1a01722519"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
123
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.23.2/ Frame 2C48
409 KB
113 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.23.2/provider.hlsjs.js
Requested by
Host: v7player.wostreaming.net
URL: https://v7player.wostreaming.net/assets/vendor/jwplayer/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eee332deb5eab5716edb7def6ca596a51a534291628de431c6af15c6af5cb02a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:26 GMT
content-encoding
gzip
via
1.1 varnish
age
360046
x-cache
HIT
content-length
115635
x-served-by
cache-hhn-etou8220036-HHN
last-modified
Tue, 09 Nov 2021 01:47:47 GMT
server
AmazonS3
x-timer
S1671770907.990139,VS0,VE0
etag
"1c88507d973b9bb0be2dbb7e6fbed2c7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
54
like.php
www.facebook.com/v2.8/plugins/ Frame 50A9
0
20 B
Document
General
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1302639166803547&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5ccb1f3735c7c%26domain%3D975now.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F975now.com%252Ff31531fd1130594%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2F975now&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 23 Dec 2022 04:48:26 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
ACtfTj/zwZK5XW6qaMEKI5el5Aubi36zOUAGqkh77XNZvdzoNhe8FCodBaMX3q/xhjydsQ1xermuTxRCxx2Vtg==
x-xss-protection
0
sync.php
pixel-us-west.rubiconproject.com/exchange/ Frame 70A4
0
239 B
Image
General
Full URL
https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=21134&khaos=LC018DDZ-K-CVD7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
townsquare-wjimfmaac-hlsc3.m3u8
prod-54-87-129-189.wostreaming.net/ Frame 2C48
Redirect Chain
  • https://live.wostreaming.net/manifest/townsquare-wjimfmaac-hlsc3.m3u8?source=v7player&user-id=bf128b3c712d26dfa59c68bdb4a706cb&us_privacy=1---
  • https://prod-54-87-129-189.wostreaming.net/townsquare-wjimfmaac-hlsc3.m3u8?source=v7player&user-id=bf128b3c712d26dfa59c68bdb4a706cb&us_privacy=1---
579 B
784 B
XHR
General
Full URL
https://prod-54-87-129-189.wostreaming.net/townsquare-wjimfmaac-hlsc3.m3u8?source=v7player&user-id=bf128b3c712d26dfa59c68bdb4a706cb&us_privacy=1---
Protocol
HTTP/1.1
Server
54.87.129.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-129-189.compute-1.amazonaws.com
Software
/
Resource Hash
41067f1a228895ed6af13b0928a0fd036ad14c76922f1732162f614dbe895b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 23 Dec 2022 04:48:25 GMT
Cache-Control
no-cache, no-store
Content-Type
audio/mpegurl
Transfer-Encoding
chunked
Expires
-1

Redirect headers

Date
Fri, 23 Dec 2022 04:48:27 GMT
Server
nginx/1.20.1
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://v7player.wostreaming.net
Location
https://prod-54-87-129-189.wostreaming.net/townsquare-wjimfmaac-hlsc3.m3u8?source=v7player&user-id=bf128b3c712d26dfa59c68bdb4a706cb&us_privacy=1---
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 70A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmE5MDBiNmU4ZGZkYzdiYmE1OTg3YzExNjMzZTFhMjRiYWM1MDhiYQ
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmE5MDBiNmU4ZGZkYzdiYmE1OTg3YzExNjMzZTFhMjRiYWM1MDhiYQ&google_tc=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmE5MDBiNmU4ZGZkYzdiYmE1OTg3YzExNjMzZTFhMjRiYWM1MDhiYQ&google_tc=
Protocol
H3
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmE5MDBiNmU4ZGZkYzdiYmE1OTg3YzExNjMzZTFhMjRiYWM1MDhiYQ&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 70A4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Yh1YRGm-SeuvDPHGiTBdbA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Yh1YRGm-SeuvDPHGiTBdbA
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Yh1YRGm-SeuvDPHGiTBdbA
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 04:48:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1X1J1XZ3NV0RSBE2Q6HH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Yh1YRGm-SeuvDPHGiTBdbA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 70A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC018DDZ-K-CVD7
0
707 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC018DDZ-K-CVD7
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:27 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 39629E40BA594EE3BA190C458BA1CA0C Ref B: FRAEDGE1115 Ref C: 2022-12-23T04:48:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwd38To1SXT5NjGI7eRA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC018DDZ-K-CVD7
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 70A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMwMThERFotSy1DVkQ3
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMwMThERFotSy1DVkQ3&google_tc=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMwMThERFotSy1DVkQ3&google_tc=
Protocol
H3
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMwMThERFotSy1DVkQ3&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 70A4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=74F9DGeiStKwp25K8Zltrg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=74F9DGeiStKwp25K8Zltrg
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=74F9DGeiStKwp25K8Zltrg
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 04:48:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TM23MENZMG9A1JFKE33Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=74F9DGeiStKwp25K8Zltrg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 70A4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOkPT1k5kbkkrGulgNT7-2o&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOkPT1k5kbkkrGulgNT7-2o&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOkPT1k5kbkkrGulgNT7-2o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 70A4
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 70A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/sqLogridPwFGvSNMOeNH5w?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ZlqLeXNE2oKM38FaCfc5MTJdFlenUMEWoe8JqA--~A
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ZlqLeXNE2oKM38FaCfc5MTJdFlenUMEWoe8JqA--~A
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 23 Dec 2022 04:48:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ZlqLeXNE2oKM38FaCfc5MTJdFlenUMEWoe8JqA--~A
content-length
0
getmediavast.php
api.clarity.amperwave.net/gateway/ Frame 3208
2 KB
2 KB
XHR
General
Full URL
https://api.clarity.amperwave.net/gateway/getmediavast.php?source=v7player&station_id=5160
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.107.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-107-103.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
0ac97c3debcbc74cca8ea6f0425eea4bd2167dc6740dc8c4ece5565fec3b31b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://imasdk.googleapis.com
Date
Fri, 23 Dec 2022 04:48:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
transfer-encoding
chunked
Content-Type
text/xml;charset=UTF-8
pubcid.min.js
townsquare.media/public/resources/js/
57 KB
18 KB
Script
General
Full URL
https://townsquare.media/public/resources/js/pubcid.min.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sgb/C6EA) / Express
Resource Hash
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:27 GMT
content-encoding
gzip
via
1.1 varnish
age
37292
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
18369
last-modified
Tue, 30 Mar 2021 01:10:29 GMT
server
ECS (sgb/C6EA)
etag
W/"e26f-17880ae9b2e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2290374827 2290374758
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:26 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 3208
124 B
125 B
XHR
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F8328825%2FLocal%2FLansing%2FWJIM%2FbrandedApp%2FAudioVideoPlayer&description_url=https%3A%2F%2F975now.com%2Flisten-live&tfcd=0&npa=0&ad_type=audio_video&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&sdkv=h.3.549.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=3841967284&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=6F68EC07-5269-456B-A0C0-8779444104E8&nel=0&eid=44748969%2C44765701&ref=https%3A%2F%2F975now.com%2F&url=https%3A%2F%2F975now.com%2F&dlt=1671770903623&idt=3301&dt=1671770907688&correlator=329034174266354&scor=2907096636157475&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.480.980_vp0_ts1_eb16747
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
eb2.3lift.com/ Frame D3BF
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 23 Dec 2022 04:48:27 GMT
/
onetag-sys.com/usync/ Frame 13D5
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1671770904293
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
2000775.html
sync.serverbid.com/ss/ Frame 797E
4 KB
2 KB
Document
General
Full URL
https://sync.serverbid.com/ss/2000775.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-127.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc99a8df7b6ee1496ed732d875e0aee5ce128caded7686c8410e8b9d9368a821

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75927
content-encoding
gzip
content-type
text/html
date
Thu, 22 Dec 2022 07:44:33 GMT
etag
W/"126821f1ceaace2af172a44f8b01eab0"
last-modified
Thu, 08 Dec 2022 21:13:54 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 355e7d579c41c1dcc2113e41403be662.cloudfront.net (CloudFront)
x-amz-cf-id
i0UKFbBN3iE3A1-myjxieZi9VVGs9K3VIVVctvlfoDDyOUNtv_c9NA==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 56BA
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1136
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77de770dc98a9b9a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 23 Dec 2022 04:48:27 GMT
expires
Fri, 23 Dec 2022 08:48:27 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 5E20
21 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-38-97.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
31dba8981e85e61638b599eb4bdd156b3779589041fe500ef42d32b308e27f3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7834
content-type
text/html; charset=UTF-8
date
Fri, 23 Dec 2022 04:48:27 GMT
expires
Sun, 25 Dec 2022 04:48:27 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame E065
0
91 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 23 Dec 2022 04:48:27 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 2399
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Dec 2022 04:48:27 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame 655D
9 KB
3 KB
Document
General
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2000:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
629d62adfad8d2674fb6b83a8ba85e3d76dd9f0e63a7a51b5753d0ea223af396

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17074
content-encoding
gzip
content-type
text/html
date
Fri, 23 Dec 2022 00:03:54 GMT
etag
W/"5622b32305c47b2be916a6c424eed515"
last-modified
Mon, 07 Nov 2022 14:19:07 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
x-amz-cf-id
NZy-LYo9ouT7XjUw37fLJuVVFq_AjUNfpuLFHlFLMU52xtuVGhPRgw==
x-amz-cf-pop
FRA56-C2
x-amz-replication-status
COMPLETED
x-amz-version-id
FcgX1qjTYQoJcn.Q.j6.Q9icc5uN_Nnv
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4CF6
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41499
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 23 Dec 2022 04:48:27 GMT
expires
Fri, 23 Dec 2022 16:20:06 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
9.gif
id5-sync.com/s/441/
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 23 Dec 2022 04:48:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
usync.js
eus.rubiconproject.com/ Frame 2399
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd174ee329b0758153d639b11a90dd7d91b51d0dbd029506ba041aa43feb119a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Dec 2022 15:36:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38903
Connection
keep-alive
Content-Length
10067
Expires
Fri, 23 Dec 2022 15:36:50 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F6E3
54 B
352 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPkcVsAPkcVsAAXADAENCwCgAAAAAH_AAAAAAAASZAJMNW4gC7MscGbQMIoEQIwrCQigUAEFAMLRAQAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgAQCIQAMDAILACwMAgABANAxRCgAECQAyICIpTAgKgSCAlsqEEoLpDTCAKssAKARGwUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqKT0wAA.YAAAAAAAAAAA&d=https%3A%2F%2F975now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77de770e5c8d9a0b-FRA
content-encoding
br
content-type
text/html
date
Fri, 23 Dec 2022 04:48:27 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNH%2B5l%2BKTLVfDl3uixrMyQgdDtP9DFmS%2FR0Db%2Bybqp0SB8b0O%2BmvySiRrkOYFjKXvM1frLzdWrqAMdasg7CRRDXUW0q7MQqv05eJZM7e5V7ZyR%2F3z1BLAYY%2BMRXQHzfUYc2GvsBz8eUYIA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
register2.php
synchrobox.adswizz.com/ Frame 797E
589 B
1 KB
Script
General
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-167-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
24f8e96053b8b78171c451bed4e41315282f13fd94d3f02947fe75f825b5076e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame 797E
9 KB
9 KB
Script
General
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-55.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 19:00:29 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
35280
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
Dbxd4m9QqWzR3TetndS74Vv1RRe9FB3n-hUvwUUaIdK4084CIYswig==
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AF24
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41499
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 23 Dec 2022 04:48:27 GMT
expires
Fri, 23 Dec 2022 16:20:06 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 797E
63 B
392 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
a24927ae400182ae906574c9c5ea9a47034d7c13579392e027dca0a04e6db380

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:27 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 22 Jan 2023 04:48:27 GMT
pixel
ap.lijit.com/ Frame 797E
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 23 Dec 2022 04:48:27 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usersync
x.serverbid.com/ Frame 797E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6UzG4UZ4Ac70Z2UgRvQtAAA%265131
35 B
241 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6UzG4UZ4Ac70Z2UgRvQtAAA%265131
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:28 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOsMMy982E0YwRMLl%2FU7QqThy8pRpHTTgTx%2B8e2qcFN1zGsNjv8VIcOvue3yx3ARvssdsMunbtGVNv%2Ba1q7hB47EtqgFenRNJQml4p3esxZVNObAgmohSpB8jF2TePPL7kZAraxPaBVNGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6UzG4UZ4Ac70Z2UgRvQtAAA%265131
cache-control
no-cache
cf-ray
77de770edb8e9225-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
prebid
rtb.openx.net/sync/ Frame 797E
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
15fuik5cbo9auoog1q52l8a0g5eigqpt
getuid
sync.smartadserver.com/ Frame 797E
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
0
75 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:27 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
e.serverbid.com/ Frame 797E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58671/occ
  • https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-cXce.nFE2uHKh1HbmbMM2DLiBw7USmalsNskZq8-~A
35 B
218 B
Image
General
Full URL
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-cXce.nFE2uHKh1HbmbMM2DLiBw7USmalsNskZq8-~A
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:27 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-cXce.nFE2uHKh1HbmbMM2DLiBw7USmalsNskZq8-~A
date
Fri, 23 Dec 2022 04:48:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
x.serverbid.com/ Frame 797E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6203174611632902727
35 B
269 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6203174611632902727
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:27 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Fri, 23 Dec 2022 04:48:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cdb3cc91-ee80-456b-9bd9-31d8ff123084
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6203174611632902727
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame 797E
0
500 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 04:48:28 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-179
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
play_icon.svg
v7player.wostreaming.net/assets/images/icons/ Frame 2C48
566 B
880 B
Image
General
Full URL
https://v7player.wostreaming.net/assets/images/icons/play_icon.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-136-214.compute-1.amazonaws.com
Software
/ Express
Resource Hash
8480f9d30431883d66ead66d489fb5b84e55fec1ef298740d5e9057ac6fab7ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v7player.wostreaming.net/5160?playerUrl=https%3A%2F%2F975now.com%2Flisten-live%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:27 GMT
Last-Modified
Wed, 22 Jun 2022 16:08:38 GMT
ETag
W/"236-1818c2c3b70"
X-Powered-By
Express
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
566
usermatch
ssum-sec.casalemedia.com/ Frame EC2F
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26fa43e3ca39688dfc2f6a9d41eb1e57c3618dca5d67b8e413e056782fecf124

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77de770edb8c9225-FRA
content-encoding
br
content-type
text/html
date
Fri, 23 Dec 2022 04:48:27 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ldP1SoA%2FoaIrlCs9%2BNW07LElTMXgbs62oVZOnsHKXYW2jOHG0CcaOS5%2BAMFGhbOaxZq9bxDUcGGl64SkmmG5uAiJClmL1ZCNP5leUNB%2Fr%2FJhZupZpQa0yeiO1iAV68YOAdgGX08FYhJuw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 886F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Dec 2022 04:48:27 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Dec 2022 04:48:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 655D
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=6203174611632902727
0
234 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=6203174611632902727
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.239.168.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-168-49.kix56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:28 GMT
via
1.1 65753b73b2bb7bd6119e85228bfa4a56.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
KIX56-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
dzFVWHVn0ev3i_OP1CrSuSDYbjiz9wwuEtz6Bf4qpVbL6V_Wb1w07g==

Redirect headers

Date
Fri, 23 Dec 2022 04:48:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1a3c8ce6-f007-4c90-a495-fcc8eae3728e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=6203174611632902727
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 655D
43 B
131 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 655D
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-H_4KDTdE2uHTrVLyFbzWTlEIjOLAe7zu~A
0
233 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-H_4KDTdE2uHTrVLyFbzWTlEIjOLAe7zu~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.239.168.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-168-49.kix56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:28 GMT
via
1.1 65753b73b2bb7bd6119e85228bfa4a56.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
KIX56-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
GUG810b7b8XW4aSyiChbrzALsQxc20iHmw7z6JrC_7IgkiXcq-quMg==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-H_4KDTdE2uHTrVLyFbzWTlEIjOLAe7zu~A
date
Fri, 23 Dec 2022 04:48:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 655D
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame 655D
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
usr.undertone.com/userPixel/ Frame 655D
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DB1CF200B-ED1B-43F1-88E4-400A78A5198B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B
0
351 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.239.168.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-168-49.kix56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:27 GMT
via
1.1 65753b73b2bb7bd6119e85228bfa4a56.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
KIX56-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
JSzWhOv-bHfZMA1kUygRlFVti860DDd7aCe2crha3HeTzWaHCkCyvw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B
date
Fri, 23 Dec 2022 04:48:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 655D
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame 655D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-cXce.nFE2uHKh1HbmbMM2DLiBw7USmalsNskZq8-~A
0
359 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-cXce.nFE2uHKh1HbmbMM2DLiBw7USmalsNskZq8-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.239.168.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-168-49.kix56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:28 GMT
via
1.1 65753b73b2bb7bd6119e85228bfa4a56.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
KIX56-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
nAGonF9ssYPb9zppvJbJvWBgoGf1sOQ4DKj0B6Y5AZZKEnZEbYSUEA==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-cXce.nFE2uHKh1HbmbMM2DLiBw7USmalsNskZq8-~A
date
Fri, 23 Dec 2022 04:48:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame 886F
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd174ee329b0758153d639b11a90dd7d91b51d0dbd029506ba041aa43feb119a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Dec 2022 15:36:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38902
Connection
keep-alive
Content-Length
10067
Expires
Fri, 23 Dec 2022 15:36:50 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame AF24
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12345339&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
0a88d4e297bb26581548f0b45593322cebbf20593fd98e5b9b8b52c70bc580a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 23 Dec 2022 04:48:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
crum
dsum-sec.casalemedia.com/ Frame EC2F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6UzG4UZ4Ac70Z2UgRvQtAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJZUqoFGFPNui3hisd0Z20Y&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJZUqoFGFPNui3hisd0Z20Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 04:48:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJZUqoFGFPNui3hisd0Z20Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame EC2F
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6UzG4UZ4Ac70Z2UgRvQtAAAFAsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 04:48:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
84E38EADT7D6JZWKY7XV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame EC2F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6UzG4UZ4Ac70Z2UgRvQtAAAFAsAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDXfZtTrB9pD3jvVRPhQQlc&google_cver=1
43 B
842 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDXfZtTrB9pD3jvVRPhQQlc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXdXbBOuxWqdusb2yxzBb%2F1NQuN9y4j1N0S4oOWNFQNsePbPweyFj3J%2BrwpQDbJqsXEsUFMhgUoCeCXyjQTtjHb2Iz6OODG87zQE5XLNBC4d2J8qIZ4zCg69eLJYgzY3t472geakUeEcNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77de770fec199225-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDXfZtTrB9pD3jvVRPhQQlc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame EC2F
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 23 Dec 2022 04:48:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame EC2F
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 04:48:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Fri, 23 Dec 2022 04:48:28 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
tp_out
d.adroll.com/cm/index/ Frame EC2F
42 B
181 B
Image
General
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:b397:52c1:600f:51f0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:28 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
pixelSync
pixel-sync.sitescout.com/dmp/ Frame EC2F
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame EC2F
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=1effc93b-f0e2-2867-bbc7b742
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=1effc93b-f0e2-2867-bbc7b742
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 04:48:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Fri, 23 Dec 2022 04:48:28 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=1effc93b-f0e2-2867-bbc7b742
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
sync
usr.undertone.com/userPixel/ Frame EC2F
0
348 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Y6UzG4UZ4Ac70Z2UgRvQtAAAFAsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.168.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-168-49.kix56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:27 GMT
via
1.1 65753b73b2bb7bd6119e85228bfa4a56.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
KIX56-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
5iPVnGVhJdqlqST9Y19THzkkSpc65LxQVhAALuFaEsx0KFk-lnM-9A==
Pug
simage2.pubmatic.com/AdServer/ Frame C8C0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a98c63a5-331c-4100-bf49-b5dc057edfcd&gdpr=0&gdpr_consent=
42 B
326 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a98c63a5-331c-4100-bf49-b5dc057edfcd&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 04:48:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 23 Dec 2022 04:48:28 GMT
Expires
Fri, 23 Dec 2022 04:48:27 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master cdg-pixel-x28 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a98c63a5-331c-4100-bf49-b5dc057edfcd&gdpr=0&gdpr_consent=
ImgSync
image8.pubmatic.com/AdServer/ Frame 14F2
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2193928732539263481
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 23 Dec 2022 04:48:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 23 Dec 2022 04:48:28 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync.aspx
dis.criteo.com/dis/ Frame E016
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 04:48:27 GMT
expires
Fri, 23 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
496835
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame C97F
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B1CF200B-ED1B-43F1-88E4-400A78A5198B&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 23 Dec 2022 04:48:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XPQKJFQE74172N76GD5T
Pug
simage2.pubmatic.com/AdServer/ Frame 6F45
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6203174611632902727&gdpr=0&gdpr_consent=
42 B
315 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6203174611632902727&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 04:48:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
ab5c7713-0f07-42c7-9e5a-0a18ee8cd702
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Dec 2022 04:48:28 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6203174611632902727&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 890F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Yjsb2Gc7S455Ok7ZZTlX3DAxTtV5PkuONWyAMaxQ
42 B
571 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Yjsb2Gc7S455Ok7ZZTlX3DAxTtV5PkuONWyAMaxQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 04:48:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 23 Dec 2022 04:48:28 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Yjsb2Gc7S455Ok7ZZTlX3DAxTtV5PkuONWyAMaxQ
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 2E70
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180201376267630734&gdpr=0&gdpr_consent=
42 B
322 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180201376267630734&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 04:48:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Fri, 23 Dec 2022 04:48:28 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180201376267630734&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
image2.pubmatic.com/AdServer/ Frame AFBD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBaEpFN0hTbVlBQUNFbmgyUU1Rdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAhJE7HSmYAACEnh2QMQw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAhJE7HSmYAACEnh2QMQw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAhJE7HSmYAACEnh2QMQw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8772423444955627747&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAhJE7HSmYAACEnh2QMQw&gdpr=0&gdpr_consent=
42 B
200 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAhJE7HSmYAACEnh2QMQw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 04:48:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 23 Dec 2022 04:48:28 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAhJE7HSmYAACEnh2QMQw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2F59
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lhmMcRkQR-RKkozNy2gKQrnVm6k
42 B
300 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lhmMcRkQR-RKkozNy2gKQrnVm6k
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 04:48:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Dec 2022 04:48:28 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lhmMcRkQR-RKkozNy2gKQrnVm6k
Pug
simage2.pubmatic.com/AdServer/ Frame 4EFB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6UzHAAAASeKDAAZ&gdpr=0&gdpr_consent=&_test=Y6UzHAAAASeKDAAZ
1 B
221 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6UzHAAAASeKDAAZ&gdpr=0&gdpr_consent=&_test=Y6UzHAAAASeKDAAZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 04:48:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 23 Dec 2022 04:48:28 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6UzHAAAASeKDAAZ&gdpr=0&gdpr_consent=&_test=Y6UzHAAAASeKDAAZ
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220070-HHN
x-timer
S1671770908.260886,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 56EF
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 04:48:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 23 Dec 2022 04:48:28 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame 23E2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
418 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77de77112a825c68-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 04:48:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77de7710095c5c68-FRA
content-type
text/html
date
Fri, 23 Dec 2022 04:48:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
969
cookiesync
core.iprom.net/ Frame 7296
43 B
277 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 23 Dec 2022 04:48:28 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-8e2aa6446b91@version_1.531
X-core-time
1ms
X-server-arch
v2
generic
match.adsrvr.org/track/cmf/ Frame 64AC
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1671770908180
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5447924082
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5447924082
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 23 Dec 2022 04:48:28 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 23 Dec 2022 04:48:28 GMT
etag
RX67ee2dfb23954f67849871dee41cdd85003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5447924082
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
pub
matching.truffle.bid/sync/ Frame C4F4
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 23 Dec 2022 04:48:28 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame 5114
43 B
282 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Fri, 23 Dec 2022 04:48:28 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-1
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=88dd61375ef2f20e/gdpr=0/ Frame 3FEB
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=88dd61375ef2f20e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
265 B
Document
General
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=88dd61375ef2f20e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSSQQUbYTVnMXMXan
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.61.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-61-187.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Fri, 23 Dec 2022 04:48:28 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.26.135

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=88dd61375ef2f20e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSSQQUbYTVnMXMXan
usersync
x.serverbid.com/ Frame 2692
0
0
Document
General
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=B1CF200B-ED1B-43F1-88E4-400A78A5198B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Fri, 23 Dec 2022 04:48:28 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AF24
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sc8gC-0bQ_GI5EAKeKUZiw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:28 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=41498
accept-ranges
bytes
content-length
5554
expires
Fri, 23 Dec 2022 16:20:06 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame AF24
95 B
382 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B1CF200B-ED1B-43F1-88E4-400A78A5198B
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77de77102b0dbb53-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame AF24
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B1CF200B-ED1B-43F1-88E4-400A78A5198B&gdpr=0&gdpr_consent=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.61.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-61-187.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:28 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.155
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame AF24
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4171290877
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B1CF200B-ED1B-43F1-88E4-400A78A5198B
0
277 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B1CF200B-ED1B-43F1-88E4-400A78A5198B
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:27 GMT
via
1.1 google
last-modified
Fri, 23 Dec 2022 04:48:28 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B1CF200B-ED1B-43F1-88E4-400A78A5198B
date
Fri, 23 Dec 2022 04:48:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
ImgSync
image8.pubmatic.com/AdServer/ Frame AF24
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjFDRjIwMEItRUQxQi00M0YxLTg4RTQtNDAwQTc4QTUxOThC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
44 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:27 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 23 Dec 2022 04:48:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame AF24
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE2zj_X1g8pqt56VBJDdTLc&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
44 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:28 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 23 Dec 2022 04:48:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pubmatic
um.simpli.fi/ Frame AF24
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 22 Dec 2022 04:48:28 GMT
generic
match.adsrvr.org/track/cmf/ Frame AF24
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 23 Dec 2022 04:48:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame AF24
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6600052789309305912
42 B
218 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6600052789309305912
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 04:48:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6600052789309305912
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
B1CF200B-ED1B-43F1-88E4-400A78A5198B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AF24
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B1CF200B-ED1B-43F1-88E4-400A78A5198B?gdpr=0&gdpr_consent=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame AF24
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9nPJrpVE2uXZcEoZWGLugeSBXII2Px0-~A&gdpr=0&gdpr_consent=
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9nPJrpVE2uXZcEoZWGLugeSBXII2Px0-~A&gdpr=0&gdpr_consent=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9nPJrpVE2uXZcEoZWGLugeSBXII2Px0-~A&gdpr=0&gdpr_consent=
date
Fri, 23 Dec 2022 04:48:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ImgSync
image8.pubmatic.com/AdServer/ Frame AF24
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3431d3f6-c4c7-4e61-bce4-f979f30dd97d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=4d6fa5dd-2658-47bb-9006-f5e1292a7e0a&expires=1&user_group=5&ssp=pubmatic&bsw_param=3431d3f6-c4c7-4e61-bce4-f979f30dd97d
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3431d3f6-c4c7-4e61-bce4-f979f30dd97d&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
162 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:26 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 23 Dec 2022 04:48:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
current
pubmatic-match.dotomi.com/match/bounce/ Frame AF24
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B1CF200B-ED1B-43F1-88E4-400A78A5198B&gdpr=0&gdpr_consent=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame AF24
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 23 Dec 2022 04:48:28 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame AF24
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7112111c-8322-4166-ae13-f9e32a150ddd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DB1CF200B-ED1B-43F1-88E4-400A78A5198B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B
0
351 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
54.239.168.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-168-49.kix56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:27 GMT
via
1.1 65753b73b2bb7bd6119e85228bfa4a56.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
KIX56-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
dURG57Esv0nOVWli8vEy1Ac_HuzoBFvEALE6UMyHv5zXIpvSbemhqQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B
date
Fri, 23 Dec 2022 04:48:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame AF24
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3962522359522143904&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
162 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:26 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 23 Dec 2022 04:48:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame AF24
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6203174611632902727
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
110 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:27 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 23 Dec 2022 04:48:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
demconf.jpg
dpm.demdex.net/ Frame 797E
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=9c45c8a1f701a44bf3bd2839e3097740
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=9c45c8a1f701a44bf3bd2839e3097740
42 B
940 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=9c45c8a1f701a44bf3bd2839e3097740
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Server
52.86.202.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-202-16.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v044-01e9372e2.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
C5Zv6DHqT4I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v044-02d40e8f3.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
UPi3zOYPTTw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=9c45c8a1f701a44bf3bd2839e3097740
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 0DD2
402 B
992 B
Document
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.140.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-140-136.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
402
Content-Type
text/html;charset=UTF-8
Date
Fri, 23 Dec 2022 04:48:27 GMT
Instance-id
i-0e972cf0ca7d7d5a6
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
-1
X-Adswizz-request-id
0acad020-827d-11ed-8fd9-06f8c438e4df
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 0DD2
9 KB
9 KB
Script
General
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-55.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:47:44 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
46
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
yt2v8PNBSer9FdRa3oZKTdBwtai7945BbsIERPxlfFlKNohWxEzBmg==
sync.php
pixel.rubiconproject.com/exchange/ Frame 886F
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LC018DDZ-K-CVD7
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
23 B
457 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2F975now.com%2Flisten-live%2F&pid=khcV7MnRIouJE&cb=1&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-listenlive-728b%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FLansing%2FWJIM%2Ftsm-ad-listenlive-728b%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22113667d3-98b2-4f25-8b84-9c052c546049%22%5D%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&cfgv=1&gdpre=1&gdprc=CPkcVsAPkcVsAAXADAENCwCgAAAAAH_AAAAAAAASZAJMNW4gC7MscGbQMIoEQIwrCQigUAEFAMLRAQAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgAQCIQAMDAILACwMAgABANAxRCgAECQAyICIpTAgKgSCAlsqEEoLpDTCAKssAKARGwUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqKT0wAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:29 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
WJ9C09VN966P883DBJQS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://975now.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Bb3hbBvImW7NXbPu6GT9WXN1ys9ZWj1PKAQoUwXDm0z7BRix5K_J8w==
chunk-9.72819ecd3d539b71bdd0.1671480485891.js
975now.com/public/dist/chunks/
3 KB
1 KB
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-9.72819ecd3d539b71bdd0.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) / Express
Resource Hash
13b6739c029316121e1132d8782812604803beac77c0030426f5a188eab07d39
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:29 GMT
content-encoding
gzip
via
1.1 varnish
age
29201
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1191
last-modified
Tue, 20 Dec 2022 20:09:57 GMT
server
ECS (frb/6711)
etag
W/"cdd-185312837f7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2293164916 2292084135
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:28 GMT
chunk-13.160551b2c398e9d58ab7.1671480485891.js
975now.com/public/dist/chunks/
28 KB
7 KB
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-13.160551b2c398e9d58ab7.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) / Express
Resource Hash
010bb296c99a6d9f3c4c119a4d95b0cf785f43fedb9ba2f8af49b918e0dfe691
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:29 GMT
content-encoding
gzip
via
1.1 varnish
age
28301
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
7334
last-modified
Tue, 20 Dec 2022 20:09:59 GMT
server
ECS (frb/67D4)
etag
W/"70c2-18531283e4f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1780703005 1779799595
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:28 GMT
chunk-15.087fcd49df0d13f10ecb.1671480485891.js
975now.com/public/dist/chunks/
5 KB
2 KB
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-15.087fcd49df0d13f10ecb.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E2) / Express
Resource Hash
597ec3e12c43b7c435b76a1d7ff4e3d491c19fd9eee236f43c5037bc09b30035
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:29 GMT
content-encoding
gzip
via
1.1 varnish
age
29585
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
2019
last-modified
Tue, 20 Dec 2022 20:10:04 GMT
server
ECS (frb/67E2)
etag
W/"13d9-1853128529e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2292006396
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:28 GMT
chunk-2.158fab88e994fe9c9286.1671480485891.js
975now.com/public/dist/chunks/
573 B
670 B
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-2.158fab88e994fe9c9286.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) / Express
Resource Hash
4d38f7c556090df12f89dc798033145b11c42518957323b5ddaebedc71e9e9cf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:29 GMT
via
1.1 varnish
age
28301
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
573
last-modified
Tue, 20 Dec 2022 20:09:59 GMT
server
ECS (frb/6731)
etag
W/"23d-18531283f2a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1780417357 1779799596
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:28 GMT
cogitoergosum
975now.com/rest/high/api/
22 B
90 B
Fetch
General
Full URL
https://975now.com/rest/high/api/cogitoergosum
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://975now.com/listen-live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Dec 2022 04:48:29 GMT
server
nginx
etag
W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
content-length
22
expires
Fri, 23 Dec 2022 04:48:28 GMT
chunk-19.80e5c2ea58d21dc38155.1671480485891.js
975now.com/public/dist/chunks/
65 KB
16 KB
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-19.80e5c2ea58d21dc38155.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) / Express
Resource Hash
7c21bd4e9ed8595eb9d454b2c9e67aa6e0165055b08d88c26371a934c40e15ac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:29 GMT
content-encoding
gzip
via
1.1 varnish
age
29364
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
16770
last-modified
Tue, 20 Dec 2022 20:09:57 GMT
server
ECS (frb/669F)
etag
W/"10557-185312837ef"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1779616358 1779585449
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:28 GMT
chunk-18.d1ef0c9dc79331039e33.1671480485891.js
975now.com/public/dist/chunks/
64 KB
14 KB
Script
General
Full URL
https://975now.com/public/dist/chunks/chunk-18.d1ef0c9dc79331039e33.1671480485891.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.160 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) / Express
Resource Hash
631015613b92e30d069df7210b5af840588253f6f406635503e39dcfc1250791
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/listen-live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
A
date
Fri, 23 Dec 2022 04:48:29 GMT
content-encoding
gzip
via
1.1 varnish
age
29363
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
14141
last-modified
Tue, 20 Dec 2022 20:09:59 GMT
server
ECS (frb/6731)
etag
W/"1014f-18531283e4f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1779616355 1779585553
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:28 GMT
like.php
www.facebook.com/v2.8/plugins/ Frame 1D35
0
20 B
Document
General
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1302639166803547&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9f338096688%26domain%3D975now.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F975now.com%252Ff31531fd1130594%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2F975now.com%2Flisten-live%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://975now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 23 Dec 2022 04:48:29 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
MFxacjOAausv+gHonLlMZpdudQ4Tyop+pPG3m90X41uEi5ClMtbswEHngThFjYg0C+bw8dA1etgh6dK2FHroSA==
x-xss-protection
0
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2020690957&t=event&_s=2&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&dp=%2Flisten-live%2F&ul=en-us&de=UTF-8&dt=97.5%20NOW%20FM%20-%20Listen%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=344673256.1671770903&tid=UA-45652235-4&_gid=1780041790.1671770903&_av=2.4.1&_au=20&did=i5iSjo&z=2067730786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7121
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2020690957&t=event&_s=2&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&dp=%2Flisten-live%2F&ul=en-us&de=UTF-8&dt=97.5%20NOW%20FM%20-%20Listen%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=344673256.1671770903&tid=UA-19109753-1&_gid=1780041790.1671770903&_av=2.4.1&_au=20&did=i5iSjo&z=1097158784
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7121
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2020690957&t=event&_s=2&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&dp=%2Flisten-live%2F&ul=en-us&de=UTF-8&dt=97.5%20NOW%20FM%20-%20Listen%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=344673256.1671770903&tid=UA-45652235-1&_gid=1780041790.1671770903&_av=2.4.1&_au=20&did=i5iSjo&z=1475961282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7121
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2020690957&t=event&_s=2&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&dp=%2Flisten-live%2F&ul=en-us&de=UTF-8&dt=97.5%20NOW%20FM%20-%20Listen%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=344673256.1671770903&tid=UA-28825804-1&_gid=1780041790.1671770903&_av=2.4.1&_au=20&did=i5iSjo&z=481831531
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7121
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2020690957&t=event&_s=2&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&dp=%2Flisten-live%2F&ul=en-us&de=UTF-8&dt=97.5%20NOW%20FM%20-%20Listen%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=344673256.1671770903&tid=UA-45260060-4&_gid=1780041790.1671770903&_av=2.4.1&_au=20&did=i5iSjo&z=1704227726
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7121
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2020690957&t=event&_s=2&dl=https%3A%2F%2F975now.com%2Flisten-live%2F&dp=%2Flisten-live%2F&ul=en-us&de=UTF-8&dt=97.5%20NOW%20FM%20-%20Listen%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=344673256.1671770903&tid=UA-45260060-9&_gid=1780041790.1671770903&_av=2.4.1&_au=20&did=i5iSjo&z=437992136
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 02:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7121
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
7a1-WJIM-97.5-stakec.png
townsquare.media/site/692/files/2018/03/
53 KB
53 KB
Image
General
Full URL
https://townsquare.media/site/692/files/2018/03/7a1-WJIM-97.5-stakec.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sgb/C6C8) / Express
Resource Hash
d724fc76a53244832eb97c22420ce2076aeb8743117cf8cc560cbaeaa700b739
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://975now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-abgroup
B
date
Fri, 23 Dec 2022 04:48:29 GMT
via
1.1 varnish
age
25494977
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
54028
last-modified
Wed, 11 Sep 2019 04:21:45 GMT
server
ECS (sgb/C6C8)
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-varnish
1832481529
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Fri, 23 Dec 2022 04:48:28 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://975now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 19:38:58 GMT
x-content-type-options
nosniff
age
119371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 19:38:58 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame AF24
0
48 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:48:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 4CF6
1 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98439417&p=156725&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
12c8a80c0eb10d49efa2eafd6c3cd71ef8d4e4632b7cdafa5981c7d62b2def5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 23 Dec 2022 04:48:29 GMT
content-length
1148
content-type
text/html; charset=UTF-8
cm
ipac.ctnsnet.com/int/ Frame C34B
43 B
369 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 23 Dec 2022 04:48:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame F994
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=15u6ooas9f7h
42 B
288 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=15u6ooas9f7h
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 04:48:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Fri, 23 Dec 2022 04:48:31 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=15u6ooas9f7h
lws
222
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 152C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BFD270F183914856BF1E48A4E7BBAB43&gdpr=0&gdpr_consent=
1 B
53 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BFD270F183914856BF1E48A4E7BBAB43&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 04:48:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 23 Dec 2022 04:48:31 GMT
expires
Thu, 22 Dec 2022 04:48:31 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BFD270F183914856BF1E48A4E7BBAB43&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
p
a.audrte.com/ Frame 4CF6
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.7.44.10 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 04:48:31 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 23 Dec 2022 04:48:31 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 4CF6
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B1CF200B-ED1B-43F1-88E4-400A78A5198B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B1CF200B-ED1B-43F1-88E4-400A78A5198B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B1CF200B-ED1B-43F1-88E4-400A78A5198B&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:34 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 04:48:34 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B1CF200B-ED1B-43F1-88E4-400A78A5198B&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 4CF6
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B1CF200B-ED1B-43F1-88E4-400A78A5198B&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B1CF200B-ED1B-43F1-88E4-400A78A5198B&addseg=19,36,42
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B1CF200B-ED1B-43F1-88E4-400A78A5198B&addseg=19,36,42
Protocol
H2
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Fri, 23 Dec 2022 04:48:31 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B1CF200B-ED1B-43F1-88E4-400A78A5198B&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
generic
match.adsrvr.org/track/cmf/ Frame 4CF6
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B1CF200B-ED1B-43F1-88E4-400A78A5198B&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 23 Dec 2022 04:48:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nodeny.targetspot.com
URL
https://nodeny.targetspot.com/callback/uuid?https%3A%2F%2Fgc-ue2.atemda.com%2FUserMatch.ashx%3Fbidderid%3DZADu5pyUg3xGDhhIUiUGw8DInpVl3ShW8cVYXLO%2bJdLknDuwSm%2fuE1rosOfdqsqVR7Tc2B3Ixl9epojvFMdXRgKwfNeE2bh3nfmqxDdKBM8%3d%26bidderuid%3D%24UID

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| oncontentvisibilityautostatechange object| TSM object| taskQ function| ga object| globalDimensionData object| dataLayer function| __tcfapi function| cmpFactory function| __cmp function| __uspapi object| cnvr_launcher_options object| googletag object| pbjs number| PREBID_TIMEOUT boolean| REQUEST_BIDS_ON_PAGE_LOAD boolean| SHOW_ADS_ON_PAGE_LOAD function| pbjsChunk object| _pbjsGlobals object| mnet object| pbjsBidderSettings object| apstag object| twttr object| ZERG object| _taboola function| dealWithAlephCount object| __INITIAL_STATE__ object| headertag number| $WLXRmAd object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gapi object| ___jsl object| conversant object| ggeac object| google_js_reporting_queue object| google_tag_manager boolean| apstagLOADED string| aleph object| cQ object| FB object| TRC object| _tblConsole undefined| msg object| _comscore object| __s object| instgrm object| __twttrll object| __twttr number| PIN_19349 function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| COMSCORE function| udm_ object| __buffer object| PublisherCommonId object| cmpConfig function| onYouTubeIframeAPIReady undefined| google_measure_js_timing object| webpackChunkexpressblog object| bidLog function| initCarbon object| globalActionCreators function| fbAsyncInit function| onYtEvent object| google_reactive_ads_global_state object| gaDevIds object| core object| PIN_1671770904481 string| value object| key object| PinUtils object| hindsight object| teads_analytics object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| setImmediate function| clearImmediate object| ns_p boolean| hindsight_loaded object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked object| __bt

122 Cookies

Domain/Path Name / Value
975now.com/rest/carbon/api/nowplaying/playertype Name: gdpr-source
Value: DE
975now.com/public/dist/chunks Name: gdpr-source
Value: DE
975now.com/internal-ad-api Name: gdpr-source
Value: DE
975now.com/styles/desktop Name: gdpr-source
Value: DE
975now.com/rest/high/api Name: gdpr-source
Value: DE
975now.com/listen-live Name: gdpr-source
Value: DE
975now.com/ Name: abgroup
Value: A
975now.com/ Name: connect.sid
Value: s%3AMlalBI2CUTYgpJY-8g65w2lgl7klcoHn.EFKr9ipJoTwL1y0sNFAzfB7M%2B82b3KOKEg7UvRBcL4E
cdn.production.townsquareblogs.com/ Name: aleph
Value: f2be344e-cba0-5ee9-b424-07feec1de7f4
.975now.com/ Name: _gid
Value: GA1.2.1780041790.1671770903
975now.com/ Name: aleph
Value: f2be344e-cba0-5ee9-b424-07feec1de7f4
975now.com/ Name: aleph-count
Value: 1
.975now.com/ Name: _ga_GGT2X929YG
Value: GS1.1.1671770903.1.0.1671770903.60.0.0
975now.com/ Name: cogitoergosum
Value: eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJGcmksIDIzIERlYyAyMDIyIDA0OjQ4OjI0IEdNVCJ9
.kargo.com/ Name: ktcid
Value: 59edcbf0-177a-0248-1120-83bad0233e5b
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdwXgciFy314eCa8DRCNeggGXhiT-f7JeZzLddO_-ZeqByeQVcyafU09Z_Dn94038kpcRXAVFOf9dw
.975now.com/ Name: _gat_primary
Value: 1
.975now.com/ Name: _ga
Value: GA1.2.344673256.1671770903
.975now.com/ Name: _gat_UA191097531
Value: 1
.975now.com/ Name: _gat_UA456522351
Value: 1
.975now.com/ Name: _gat_UA288258041
Value: 1
.975now.com/ Name: _gat_UA452600604
Value: 1
.rubiconproject.com/ Name: khaos
Value: LC018DDZ-K-CVD7
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB31+CYyTDISFj5APvdogVCbaTd6KyMQnaub55ZO9yeic02DkGw/etlA4y4cUpXFnCRo2B05UvZjL8KziisdPQ3BsqlSNZOaaDQ=
.975now.com/ Name: _gat_UA452600609
Value: 1
975now.com/ Name: blingblocksession
Value: 1
.975now.com/ Name: _gat_UA1150030077
Value: 1
.serverbid.com/ Name: CONSUMABLEID
Value: 107036c2f4b64dd8b036c2f4b69dd8d5
.go.sonobi.com/ Name: HAPLB8A
Value: s8751|Y6UzG
.youtube.com/ Name: YSC
Value: -WaAcaYEVOw
.975now.com/ Name: cmp-data
Value: . . a57c5c33-1b3c-4a13-986f-2ce781c16f75
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4cf51b5365c48294
fksnk.com/ Name: AWSALBCORS
Value: naEp/RgfFuscDnPytSujoeyYIZ7u+mlegjKeU+NsclputsB/w7ARMSgT4fp5StPw8CeDoTCLMe7V2U6sWrDq95mSx4pwmQrxtsMxfWyoFyr40LQXLNVgd2WAnFMX
.fksnk.com/ Name: f_001
Value: E5921868736836A7
.fksnk.com/ Name: wo_001
Value: 1
.gc-ue2.atemda.com/ Name: vi
Value: d1712fd587a1c44e31ad2041da4f830e
.gc-ue2.atemda.com/ Name: fid
Value: d1712fd587a1c44e31ad2041da4f830e
.gc-ue2.atemda.com/ Name: UM1
Value: dAAAAB-LCAAAAAAAAAvjcuIoELLjUrBMNjFNtkg0TDM3MEw0MUlKM05KMbIwtkw1NrA0NzcxEOLmOPPh2rN7qzZZC7BKgTifNq_s3wzkaDFw6XEkCmlx8XhluubnFlRmhGRaGAHVz9n5CqF-zs5FjV8-Q9QDALGAzjJ0AAAA0
.atemda.com/ Name: UM1
Value: qAAAAB-LCAAAAAAAAAvjcuIoELLjUrBMNjFNtkg0TDM3MEw0MUlKM05KMbIwtkw1NrA0NzcxEOLmOPPh2rN7qzZZC7BKgTifNq_s3wzkaDFw6XEkCmlx8XhluubnFlRmhGRaGAHVz9n5CqF-zs5FjV8-Q9UbcZQJ6XEJuJpaGhlamFmYG5tZGJs5mgP1vNqz-Dlcz6s9t-F6ALLxfqaoAAAA0
.atemda.com/ Name: vi
Value: d1712fd587a1c44e31ad2041da4f830e
.atemda.com/ Name: fid
Value: d1712fd587a1c44e31ad2041da4f830e
.yahoo.com/ Name: A3
Value: d=AQABBBszpWMCEHaCiWCs3SfHSEKwRRfekMUFEgEBAQGEpmOvYwAAAAAA_eMAAA&S=AQAAAlATgrmQK_Qq9lUPyAGBW6w
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c5b51458-8503-42fa-8881-91828cc20a62"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzE3NzA5MDc7MjswMjEqZEBUBzkSoGnJY4Oda5SAkg+QnMGUrcQWzLk4XaLJDA==
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2523:u=1:x=1:i=1671770907:t=1671857307:v=2:sig=AQGyVPMLeJ2Z25Ky0B7gxR6hK8GTr2hc"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUmQ7tQuXfnzix0UA4ev7R_g-oFJWMV1ZSlWX-caZReVq8dMBBekhNdG5j1Zy_s
.amazon-adsystem.com/ Name: ad-id
Value: A_QfMKnt7E0llovHxw-JQSs
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.adnxs.com/ Name: uuid2
Value: 6203174611632902727
.casalemedia.com/ Name: CMID
Value: Y6UzG4UZ4Ac70Z2UgRvQtAAA
.casalemedia.com/ Name: CMPS
Value: 5131
.casalemedia.com/ Name: CMPRO
Value: 5131
.advertising.com/ Name: A3
Value: d=AQABBBwzpWMCEBM9IrHYMPZFXbK4sbIQPYsFEgEBAQGEpmOvYwAAAAAA_eMAAA&S=AQAAAoLPTEhFm39OmAkkbPp5Ayo
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B1CF200B-ED1B-43F1-88E4-400A78A5198B
.pubmatic.com/ Name: DPSync3
Value: 1672963200%3A245_241_201_227
.pubmatic.com/ Name: SyncRTB3
Value: 1672617600%3A63%7C1673049600%3A35%7C1672963200%3A220_56_233_165_13_176_238_99_21_234_54_8_71_22_204_81_243_7_3_55_166_88_161_251%7C1674345600%3A203%7C1672358400%3A223_2_15
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.adfarm1.adition.com/ Name: UserID1
Value: 7180201376267630734
.quantserve.com/ Name: d
Value: EJcBCwHwJ_ijAA
.quantserve.com/ Name: mc
Value: 63a5331c-24411-1d948-61cad
.analytics.yahoo.com/ Name: IDSYNC
Value: "199r~2904:1969~2904:18z9~2904:18z8~2904"
.casalemedia.com/ Name: CMTS
Value: 5174
.de17a.com/ Name: guid
Value: 1.2193928732539263481
.simpli.fi/ Name: suid
Value: BFD270F183914856BF1E48A4E7BBAB43
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-67ee2dfb-2395-4f67-8498-71dee41cdd85-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.adsby.bidtheatre.com/ Name: __kuid
Value: 7112111c-8322-4166-ae13-f9e32a150ddd.440984908
.zeotap.com/ Name: zc
Value: 0746e2dd-538f-495b-7943-30e6e465f8e2
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6203174611632902727&KRTB&23339-6203174611632902727
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7180201376267630734&KRTB&23278-7180201376267630734&KRTB&23369-7180201376267630734
.csync.loopme.me/ Name: viewer_token
Value: 4560bd87-cd34-47f8-b9b0-884046d29f45
.adform.net/ Name: uid
Value: 6600052789309305912
.brand-display.com/ Name: _knxq_
Value: 1effc93b-f0e2-2867-bbc7b742.1671770908.0.1671770908.1671770908
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y6UzHAAAASeKDAAZ
.weborama.fr/ Name: AFFICHE_W
Value: oxxKgi8a9x6j74
.onaudience.com/ Name: cookie
Value: 88dd61375ef2f20e
.onaudience.com/ Name: done_redirects104
Value: 1
.bidr.io/ Name: bito
Value: AAAhJE7HSmYAACEnh2QMQw
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-Yjsb2Gc7S455Ok7ZZTlX3DAxTtV5PkuONWyAMaxQ&KRTB&19420-Yjsb2Gc7S455Ok7ZZTlX3DAxTtV5PkuONWyAMaxQ&KRTB&22979-Yjsb2Gc7S455Ok7ZZTlX3DAxTtV5PkuONWyAMaxQ&KRTB&23403-Yjsb2Gc7S455Ok7ZZTlX3DAxTtV5PkuONWyAMaxQ
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2193928732539263481
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEE2zj_X1g8pqt56VBJDdTLc&KRTB&16514-CAESEE2zj_X1g8pqt56VBJDdTLc&KRTB&23025-CAESEE2zj_X1g8pqt56VBJDdTLc&KRTB&23386-CAESEE2zj_X1g8pqt56VBJDdTLc
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y6UzHAAAASeKDAAZ&KRTB&22978-Y6UzHAAAASeKDAAZ&KRTB&23194-Y6UzHAAAASeKDAAZ&KRTB&23209-Y6UzHAAAASeKDAAZ
.pubmatic.com/ Name: pi
Value: 0:3
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6600052789309305912&KRTB&23263-6600052789309305912
ads.playground.xyz/ Name: connect.sid
Value: s%3A2qQvgLVI0vKQBbaw1lGz9mH1qV_XnyaF.EZCPfAmfuN2k46ApcWvtBX3OEasYoUXmkuq83OgzdXg
.turn.com/ Name: uid
Value: 3962522359522143904
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3962522359522143904&KRTB&23150-3962522359522143904
.go.sonobi.com/ Name: HAPLB8S
Value: s87159|Y6UzH
.bidswitch.net/ Name: tuuid
Value: 3431d3f6-c4c7-4e61-bce4-f979f30dd97d
.bidswitch.net/ Name: c
Value: 1671770908
.bidswitch.net/ Name: tuuid_lu
Value: 1671770908
.nrich.ai/ Name: _nauid
Value: 4d6fa5dd-2658-47bb-9006-f5e1292a7e0a
.tribalfusion.com/ Name: ANON_ID
Value: aDnseFrwZayaQXwrSQErU43ZcenZdu3vVyuteNsuqeD9FBnY54A7HCaobmZdHTEZbnvwqogomM4X3DOYVUYgJ4EGd
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-3431d3f6-c4c7-4e61-bce4-f979f30dd97d
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 7
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-96198c71-1910-47e4-4a92-8ccdcb680a42.5oJMP7j1CI%2BZcGPcJhoU1lgFFzuUNY1qkpFNGQndRzg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AlhmMcRkQR-RKkozNy2gKQrnVm6k.ApuhnUcS9V55piaobSFlBgFigJj2HWiWqEsTzq8O4mk
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-lhmMcRkQR-RKkozNy2gKQrnVm6k&KRTB&23334-lhmMcRkQR-RKkozNy2gKQrnVm6k&KRTB&23417-lhmMcRkQR-RKkozNy2gKQrnVm6k&KRTB&23426-lhmMcRkQR-RKkozNy2gKQrnVm6k
.mathtag.com/ Name: uuid
Value: a98c63a5-331c-4100-bf49-b5dc057edfcd
.smartadserver.com/ Name: pid
Value: 8772423444955627747
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAAhJE7HSmYAACEnh2QMQw
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:a98c63a5-331c-4100-bf49-b5dc057edfcd&KRTB&16736-uid:a98c63a5-331c-4100-bf49-b5dc057edfcd&KRTB&23019-uid:a98c63a5-331c-4100-bf49-b5dc057edfcd&KRTB&23208-uid:a98c63a5-331c-4100-bf49-b5dc057edfcd
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAAhJE7HSmYAACEnh2QMQw
.pubmatic.com/ Name: PugT
Value: 1671770908
.demdex.net/ Name: demdex
Value: 31534630826547155982074992936676532811
.dpm.demdex.net/ Name: dpm
Value: 31534630826547155982074992936676532811
.undertone.com/ Name: UID_EXT_53
Value: B1CF200B-ED1B-43F1-88E4-400A78A5198B
.undertone.com/ Name: UID_EXT_57
Value: Y6UzG4UZ4Ac70Z2UgRvQtAAAFAsAAAAB
975now.com/ Name: usprivacy
Value: 1---
975now.com/ Name: newsletter-overlay-notspam
Value: completed-newsletter
.undertone.com/ Name: UID_EXT_56
Value: y-cXce.nFE2uHKh1HbmbMM2DLiBw7USmalsNskZq8-~A
.pubmatic.com/ Name: SPugT
Value: 1671770908

7 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ad.crwdcntrl.net/5/c=6394/pe=y/var=lotameAudience
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.crwdcntrl.net/c/6395/cc_af.js
Message:
Failed to load resource: the server responded with a status of 403 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://nodeny.targetspot.com/callback/uuid?https%3A%2F%2Fgc-ue2.atemda.com%2FUserMatch.ashx%3Fbidderid%3DZADu5pyUg3xGDhhIUiUGw8DInpVl3ShW8cVYXLO%2bJdLknDuwSm%2fuE1rosOfdqsqVR7Tc2B3Ixl9epojvFMdXRgKwfNeE2bh3nfmqxDdKBM8%3d%26bidderuid%3D%24UID
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B1CF200B-ED1B-43F1-88E4-400A78A5198B&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=88dd61375ef2f20e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSSQQUbYTVnMXMXan
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

975now.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
accounts.google.com
action.dstillery.com
action.media6degrees.com
ad-delivery.net
ad.crwdcntrl.net
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
api.clarity.amperwave.net
api.conversant.mgr.consensu.org
api.rlcdn.com
apis.google.com
as-sec.casalemedia.com
assets.pinterest.com
atemda.com
aud.pubmatic.com
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
cdn.adswizz.com
cdn.conversant.mgr.consensu.org
cdn.production.townsquareblogs.com
cdn.taboola.com
cdn.undertone.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d.adroll.com
d5p.de17a.com
delivery-cdn-cf.adswizz.com
dis.criteo.com
dmp.brand-display.com
doi3unldljdx6.cloudfront.net.
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gc-ue2.atemda.com
green.erne.co
gu.dyntrk.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ipac.ctnsnet.com
js-sec.indexww.com
krk.kargo.com
live.wostreaming.net
log.pinterest.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mwzeom.zeotap.com
nodeny.targetspot.com
onetag-sys.com
p287.atemda.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-west.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid.media.net
proc.ad.cpe.dotomi.com
prod-54-87-129-189.wostreaming.net
prt.wostreaming.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssl.gstatic.com
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.solutionshindsight.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.serverbid.com
sync.smartadserver.com
sync.srv.stackadapt.com
synchrobox.adswizz.com
synchroscript.deliveryengine.adswizz.com
syndication.twitter.com
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
townsquare.media
townsquaremedia-d.openx.net
trc-events.taboola.com
tsm-css.s3.amazonaws.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
v7player.wostreaming.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.youtube.com
x.bidswitch.net
x.serverbid.com
nodeny.targetspot.com
104.244.42.136
104.87.141.138
104.96.149.237
13.32.27.127
13.32.28.197
13.32.99.55
130.211.23.194
141.226.228.48
141.94.171.216
141.95.171.140
142.250.180.198
142.251.39.34
143.204.215.111
146.59.148.16
15.197.193.217
151.101.130.49
151.101.193.44
151.101.64.84
159.65.194.197
159.89.246.130
162.19.138.83
162.19.80.92
162.55.120.196
172.64.151.162
172.64.154.237
173.231.180.197
178.250.0.163
18.66.112.8
18.66.97.14
184.30.21.51
185.29.134.244
185.64.189.110
185.64.189.229
185.64.190.77
185.64.190.80
185.80.39.216
185.86.137.110
185.86.137.132
192.229.144.129
192.229.233.160
192.229.233.218
195.5.165.20
198.148.27.139
198.47.127.18
198.47.127.19
198.47.127.20
2.18.233.180
2.19.35.65
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.181
213.19.147.44
23.37.42.132
2600:9000:211e:2000:1f:2473:9080:93a1
2600:9000:225e:7c00:7:7419:8e80:21
2602:803:c004:200::140
2606:4700:10::6816:1857
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700::6812:17ea
2606:4700::6812:19ad
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:810::200a
2a00:1450:4001:812::2006
2a00:1450:4001:813::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::200d
2a00:1450:4001:82b::2002
2a00:1450:400c:c07::9a
2a00:1450:400d:803::200a
2a00:1450:400d:807::2002
2a00:1450:400d:808::2003
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::200e
2a00:1450:400d:80e::2003
2a02:26f0:6c00:294::1931
2a02:fa8:8806:12::1370
2a02:fa8:8806:12::1460
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f207:c4:face:b00c:0:43fe
2a03:2880:f207:e5:face:b00c:0:4420
2a04:4e42:400::626
2a05:d018:cc3:fe05:b397:52c1:600f:51f0
2a05:d018:d29:3605:965e:3ef:16d0:9a4c
3.122.66.11
3.125.142.130
3.126.56.137
3.229.187.21
34.102.253.54
34.107.148.139
34.111.129.221
34.111.131.239
34.111.151.213
34.120.133.55
34.242.140.136
34.91.62.186
34.95.69.49
34.98.64.218
35.186.193.173
35.186.253.211
35.190.113.31
35.201.96.126
35.214.223.115
37.157.4.25
37.252.171.52
37.252.171.84
44.197.136.214
51.255.68.171
51.75.86.98
52.205.53.251
52.209.167.52
52.214.61.187
52.217.174.97
52.217.195.248
52.220.229.2
52.28.173.192
52.30.134.174
52.46.143.56
52.55.14.74
52.7.44.10
52.86.202.16
52.94.220.185
54.161.107.103
54.239.168.49
54.72.111.64
54.87.129.189
69.166.1.10
69.166.1.14
69.173.144.138
72.251.249.9
76.223.111.18
77.243.60.138
8.39.36.142
85.114.159.118
92.123.38.97
93.184.220.66
98.98.134.243
99.84.88.80
99.86.3.236
99.86.4.2
010bb296c99a6d9f3c4c119a4d95b0cf785f43fedb9ba2f8af49b918e0dfe691
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
0a88d4e297bb26581548f0b45593322cebbf20593fd98e5b9b8b52c70bc580a1
0ac97c3debcbc74cca8ea6f0425eea4bd2167dc6740dc8c4ece5565fec3b31b1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d05aa7fda69e5a6629806fe1b77d18eb6ce5a777eed211f77b51b728f62b4a6
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0d9a27fd9dae745efd1e5cfa8230966e755516501b152a8a9783ed4045d3ead0
0ffd16515adc2d77b7c5228e87ecf4a89d2041806fc3d9eda5ecd76701764152
10fc98318d2b1839f0d1783b5dc616cc96954174df0fd185f49a5a51d6b5e361
1266de99e3e50f86b52fbfdaec5629e956f1f5b6137013ba2fdb9a77b00365db
12c8a80c0eb10d49efa2eafd6c3cd71ef8d4e4632b7cdafa5981c7d62b2def5f
13b6739c029316121e1132d8782812604803beac77c0030426f5a188eab07d39
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
1726a6b151460112b54d7c2bd823147bf5b5b30eeb8a7bac83cf417871f3dcbe
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ac825a3f9402c89eafd6c75bebd8ea0e988ed04ff12091ef8fc1b44989bb87
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4
1aa2ac9b66aef789c34e7b0391288cc8ceda2b18c6f474bfcfb94aa293e96a3b
1b78062fd602e653c1eefccf152d1fce46f6929ad8d5b53f78383dd5127237f5
1d94d729b93a68de0e69f1a395afa9b45efc65d6216a9d552e71bb2ec9be88a2
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
20751d64251edf4ecf2e1e3cc4bbe212521d2252fc11d13fc86a4359914f53af
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a
24be12bb2ecb74456ea67838bf072c47cadeace3e157335747596a7f7300ad63
24f8e96053b8b78171c451bed4e41315282f13fd94d3f02947fe75f825b5076e
2671d7c7400b9398aea12a761c1f7bc098223f42e5a92f0eb3fa7bd94b54d58f
26fa43e3ca39688dfc2f6a9d41eb1e57c3618dca5d67b8e413e056782fecf124
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2a4794a5fad7bf658e4522f7b68f6e71938691465e7cfc14cadb8e109dae4ffa
2a8e9133bf942e3ab0adb33fba5caffa5c1b9c0030c1c10b30649c43ecfa0390
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2cb05c308e43ce50d204752327f4e4079ff7153e219b0e6e2b66985b2e4e0e92
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7771833e3970c8b2969d8037065c1fcc9b0e8aeca6079611e2381558e1347d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2feac74532150192c7e613da8fcaae0dc4c69f9227aa9f823bb994dccf0bec48
31dba8981e85e61638b599eb4bdd156b3779589041fe500ef42d32b308e27f3e
33065136be1cbda35cef776911bed5d7ee5c7158d611de0c83bcaf81f949aaa3
33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c
34c32ac95371e5f575f307f1e6d886f8b9052ecdeb46f9decd37b4e4b9f239bc
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
36876823e9a71754563dec62cf0bc59dc353648806459910c0ddd8cf99535e06
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38bd3f39132c26dfc8ea894c62aee1a5e91e77a5ee078308868a247c931a0c03
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
3b04308443b1a7829221d8b70278c8c241b72915951855c9e13199a5502dedbb
3c75e52a2ca2ffcc05363d11854f68977f2d376c15d231b396816e90bde25ad9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
402a85b5cb3b9b63fdfefc53be24269bc8547dfd5c57ef341bc5e4878b8a9d2f
41067f1a228895ed6af13b0928a0fd036ad14c76922f1732162f614dbe895b66
411f21278180f62617f63716ff8a7db529f1f322e1dd4edc6723989c7fbe1a29
44083192a7c5ab22067a368f343e7748df51112eb2fca560382de61a6ae438e9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47676f84abdd2c392404db444032b095faa0845a828957dd6f6ebd281e89b4e4
4771dd78028f4fc52c31d3411917a7e0aa81151f0707465325ce66e79ea6d26d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d38f7c556090df12f89dc798033145b11c42518957323b5ddaebedc71e9e9cf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
52898b6fa287f2454428170402474408e5c20323aee0bad6ee1e1cb70180e819
5344a56838387f8c7eb07e175b2915d9d6abdc1ddf8b6ea8e53b24c3ad5df10b
597ec3e12c43b7c435b76a1d7ff4e3d491c19fd9eee236f43c5037bc09b30035
629d62adfad8d2674fb6b83a8ba85e3d76dd9f0e63a7a51b5753d0ea223af396
631015613b92e30d069df7210b5af840588253f6f406635503e39dcfc1250791
63ca3c78b1248e597d3d7e20ab2598deb13bd79f8af8c2c3e110801ddafb715d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66fea73d2bde03047e1392ca58ed7b1b59ff0b9f063e59e93dbbfe7a8132235a
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2f387031c2c3711da5a43718d4582b57241542568b0e486c7f4a028d6d5344
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6cdf647f85a6afc3f24d19fe866bf8d91f1a40108b2cd7d851493635df41f98d
704ba027c35fc792e85de1f4101a2340a5f4a2ff0262ee3b7093684d1aac262d
71a6b096b5ffdcd5d84ab086ddb84997e7e98e71b24291dd25681d6c9d870701
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
782cbc0b991e0fc6e42562851a7a83b4207a9fd8fd9b830050d8f793d781fb85
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c1f2766775d6451f14b4d26af1e09104d13b2b4e20745980a2f662c60a45b7a
7c21bd4e9ed8595eb9d454b2c9e67aa6e0165055b08d88c26371a934c40e15ac
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7df09d7c88b7597e8fe1025839401e454daf81d5e4c3a51ff79ce9e227849fde
7ee7901ec40e1bd240a3da86100fcb155fc2169bf2a3fabc860a4bea29bba3d5
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68
7fa3bd42ab5871f9255c0f54f0ab6fb65d782bdf63c79e689a13ea64cdd35cf7
7fa3e27dfae80b747a92d43d213c2936e0249f5ebe1709b7a486ce893d75ec68
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8480f9d30431883d66ead66d489fb5b84e55fec1ef298740d5e9057ac6fab7ff
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
876b97c7f2cfcc175e1e7956a70abc529877cf8b702f6a1c20254421a89bccaa
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8be3b9c01943eae22432a7d1ccd42ab30447c9b1b07918b918fb5e5d7b5116e7
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8de3829d2383650a9308f175c7017fe6f3a60c3888d6d61e089f9b19141323
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
91f9cf2a07a560cfc712b3fdf8912ffab988838f623b450331be85384590dc9e
92366a2c5ab614cb93515a1f7283ea8d144f206a6a8c211037f4e8814cdf9e85
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
9667402dd5fdcb5e5491eacd701a8b509d3ecf038f56c697c8c66fd5a869806a
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
989d966478017241f13944dd7b6a1ff77171ff643ce2eb45af3f54de5685c3b6
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98c9729b6be21d82fbcde2417b2ee6ffdfa020b3a1ae0de5a419422ae478c559
98e0e2c1604d92dbca722c9c1498ab1e76834d8cfaa29d1f02c8ff4ffd6721b2
994110725b2c091b245271931293a3171a9ae7b55104b2018d22f2ea541abaa3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9da236ec81f184812e8a0f2f3503c881346d1cbef97c1ee472e6b778541ae8b3
9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f
a025aa3113d6218e4969be6cf96f623b11d8f9b0ce204844882ebd5090913d64
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b81c9b9e3f5889faa9ae2bb61877b0ccaf5f5246a28d2d8576f29acb3dd485
a16d627fccd0fadd4f02db9de6a07c4e7ca17abcf832a0cf87b0374cbff64b2c
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a210472ac38302d7409cf51d970a784328f08d693bff372227dfc68b29c01b64
a22c518b7a7cb42d1ad2be8c60b63248ba3ef51189c2999603da60ecbd0cba3c
a24927ae400182ae906574c9c5ea9a47034d7c13579392e027dca0a04e6db380
a4328f84095d3a834c790d9a4443a2595e56cb67ad6451a9a4b2c457c13bd2ee
a4da91ed0e411547d3e8c29dbc4d65353ef1b4ab99f7bd06a97fa975c638942a
a640e0d9b924e6ac6d1c222bfc1e1ee55f830ea4ab6ca0e998831237933419a8
a72a95f45380c28a3d910c4f43c02ce7992a1ba853f410f9f53a45f18433470b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b237ccfbe660d9be2bbab85986e1cf5ef1b4d99096613b8e24a6afc4dca196cf
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4514d24d95bede70c69e4a0630150f4c0866364fbdc1c3842ba1fbd8c660d02
b727d69f232338b49fa71a59123cae5af40b4a655ee7efe04539ffc620fd1ef3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd174ee329b0758153d639b11a90dd7d91b51d0dbd029506ba041aa43feb119a
bde44eccac80c71dd86d89030245d1b2e605e94d2b00159a421797000a75475a
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c15053c3c9c18a6b5a07a60d84ac4e23c1541b7e850b98559f654a7db0e6bf68
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5ce585015433e8c2e3488acd77585474b2b452580f49529a8633be8fa053773
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d077bddddbdaa40522c86e8c7cbcd535f6abc3ff9e296c03f67a1c230941d0e1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1bda1899ff65d6976d36ab217c6df87122fe1e3f1698e1aa7084ef08eb5e36e
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d5467a654435a27baddfdbc6b5f2172f188d6cc12ed470471a91134788231596
d724fc76a53244832eb97c22420ce2076aeb8743117cf8cc560cbaeaa700b739
d753c69717b244a5225324ebbb4af652e067b9856b9081cf21c672f0dd7d9017
d8b32397d085a6bfe86984167facd508076bfac95bd76d9cca580ff701f0ea0a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
daddc4cac9219428b7b5e9c9fcd71dcb2000a836abd3ed406fdb4393b4f04b35
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898
dc99a8df7b6ee1496ed732d875e0aee5ce128caded7686c8410e8b9d9368a821
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e31b332d9e80d487dc5b23a3e861bd942755b7afb0d7ae32e8b11a6cf8cf3c
e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88
e533aa8b1cd8002c05dfd711e18ac03974ddaad1cd915004fd9b5c3aac50e377
e550048aa8208aa0e9ece114c913d2097d5ad65073bb86d8d88fa37f137d0370
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7b459d354bdd2193c0b951801d62b5a054b7c1b41e2aac3047a01e3be6ece9d
ea9b259fd4b1dbbb36b4e8738052f58d84a0de21386423630388d11fc5692bfe
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eee332deb5eab5716edb7def6ca596a51a534291628de431c6af15c6af5cb02a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa66aca5d6c732ce42ef1219f5840cdacd6515b45115a9cfb51d69eee53b0249
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2
ffff6b55ed28ee7e2dba13de6941cb4bdb984eac380a19ef20583dba2d29795f