URL: https://theroxyturns50.com/
Submission: On August 22 via api from US — Scanned from DE

Summary

This website contacted 34 IPs in 5 countries across 27 domains to perform 96 HTTP transactions. The main IP is 34.68.39.163, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is theroxyturns50.com.
TLS certificate: Issued by R3 on July 18th 2023. Valid for: 3 months.
This is the only time theroxyturns50.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.68.39.163 396982 (GOOGLE-CL...)
14 52.239.228.100 8075 (MICROSOFT...)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2600:9000:26d... 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 23.38.98.53 20940 (AKAMAI-ASN1)
4 2600:9000:25e... 16509 (AMAZON-02)
2 108.138.40.116 16509 (AMAZON-02)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 18.213.204.44 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
3 6 142.250.186.102 15169 (GOOGLE)
2 2a04:4e42:8d::84 54113 (FASTLY)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 52.46.155.104 16509 (AMAZON-02)
2 54.148.23.33 16509 (AMAZON-02)
5 23.206.208.183 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f17... 32934 (FACEBOOK)
2 3 37.252.171.21 29990 (ASN-APPNEX)
4 6 54.152.217.18 14618 (AMAZON-AES)
4 4 99.84.88.8 16509 (AMAZON-02)
2 2 193.0.160.131 54312 (ROCKETFUEL)
2 35.244.174.68 15169 (GOOGLE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
2 178.250.1.9 44788 (ASN-CRITE...)
2 18.193.211.202 16509 (AMAZON-02)
3 3.33.220.150 16509 (AMAZON-02)
2 185.29.132.245 30419 (MEDIAMATH...)
2 2 64.202.112.95 22075 (AS-OUTBRAIN)
2 2600:1f18:ed:... 14618 (AMAZON-AES)
2 4 2.23.197.190 16625 (AKAMAI-AS)
96 34
Apex Domain
Subdomains
Transfer
14 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3422
rp.liadm.com — Cisco Umbrella Rank: 1839
rp4.liadm.com — Cisco Umbrella Rank: 6430
i.liadm.com — Cisco Umbrella Rank: 770
i6.liadm.com — Cisco Umbrella Rank: 2424
43 KB
14 windows.net
aegwebprod.blob.core.windows.net — Cisco Umbrella Rank: 315240
2 MB
12 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 122
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
9382130.fls.doubleclick.net — Cisco Umbrella Rank: 91002
10 KB
9 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2706
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 126
2 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 5345
993 B
5 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 986
3 KB
5 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1743
match.adsrvr.org — Cisco Umbrella Rank: 396
insight.adsrvr.org — Cisco Umbrella Rank: 749 Failed
6 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 882
132 KB
4 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1884
2 KB
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1950
3 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1025
s.tribalfusion.com — Cisco Umbrella Rank: 2306
4 KB
4 aegpresents.com
tracking.aegpresents.com — Cisco Umbrella Rank: 87330
b.aegpresents.com — Cisco Umbrella Rank: 84896
79 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 637
p.typekit.net — Cisco Umbrella Rank: 805
69 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 275
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
247 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
336 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 667
582 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1279
886 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 372
291 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 745
725 B
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1708
832 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 462
140 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1051
2 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 349
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
135 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1031
20 KB
1 theroxyturns50.com
theroxyturns50.com
362 KB
96 27
Domain Requested by
14 aegwebprod.blob.core.windows.net theroxyturns50.com
aegwebprod.blob.core.windows.net
6 i.liadm.com 4 redirects b-code.liadm.com
6 9382130.fls.doubleclick.net 3 redirects www.googletagmanager.com
6 www.google.de theroxyturns50.com
5 ct.pinterest.com s.pinimg.com
theroxyturns50.com
5 analytics.tiktok.com theroxyturns50.com
analytics.tiktok.com
4 x.dlx.addthis.com 2 redirects i.liadm.com
4 live.rezync.com 4 redirects
4 www.google.com theroxyturns50.com
4 googleads.g.doubleclick.net www.googletagmanager.com
4 b-code.liadm.com www.googletagmanager.com
b-code.liadm.com
3 ib.adnxs.com 2 redirects theroxyturns50.com
3 www.facebook.com theroxyturns50.com
3 adservice.google.com 9382130.fls.doubleclick.net
3 www.googletagmanager.com theroxyturns50.com
tracking.aegpresents.com
www.googletagmanager.com
3 use.typekit.net theroxyturns50.com
use.typekit.net
2 i6.liadm.com i.liadm.com
2 b1sync.zemanta.com 2 redirects
2 sync.mathtag.com i.liadm.com
2 match.adsrvr.org i.liadm.com
2 x.bidswitch.net i.liadm.com
2 dis.criteo.com i.liadm.com
2 d.turn.com 2 redirects
2 idsync.rlcdn.com i.liadm.com
2 p.rfihub.com 2 redirects
2 s.tribalfusion.com 1 redirects a.tribalfusion.com
2 b.aegpresents.com tracking.aegpresents.com
2 s.amazon-adsystem.com 1 redirects theroxyturns50.com
2 a.tribalfusion.com 1 redirects www.googletagmanager.com
2 connect.facebook.net theroxyturns50.com
connect.facebook.net
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 js.adsrvr.org www.googletagmanager.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
2 tracking.aegpresents.com theroxyturns50.com
1 insight.adsrvr.org js.adsrvr.org
1 rp4.liadm.com theroxyturns50.com
1 rp.liadm.com 1 redirects
1 p.typekit.net use.typekit.net
1 theroxyturns50.com
96 40
Subject Issuer Validity Valid
theroxyturns50.com
R3
2023-07-18 -
2023-10-16
3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01
2023-03-20 -
2024-03-20
a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-14 -
2023-10-15
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
tracking.aegpresents.com
Amazon RSA 2048 M02
2023-04-25 -
2024-05-23
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
www.google.de
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018
2023-07-14 -
2024-08-13
a year crt.sh
*.liadm.com
Amazon RSA 2048 M02
2023-02-28 -
2024-01-30
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-31 -
2024-08-07
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-06-01 -
2023-08-30
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-07 -
2024-05-06
a year crt.sh
www.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-30 -
2024-04-29
a year crt.sh

This page contains 9 frames:

Primary Page: https://theroxyturns50.com/
Frame ID: BBC15AEBF4163D626D7EB515A573EEE1
Requests: 70 HTTP requests in this frame

Frame: https://9382130.fls.doubleclick.net/activityi;dc_pre=CJTOvKGj8YADFagNogMdJNIOSg;src=9382130;type=retarget;cat=retarg0;ord=2307703891364;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=null;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F
Frame ID: D6B9125E11A847EEA1561BD5597A25AB
Requests: 2 HTTP requests in this frame

Frame: https://9382130.fls.doubleclick.net/activityi;dc_pre=CLrKvKGj8YADFecNogMdpjsKzA;src=9382130;type=retarget;cat=retarg0;ord=1357596457420;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F
Frame ID: 86FA62D1966CC806EF3332CCC0F492A0
Requests: 2 HTTP requests in this frame

Frame: https://9382130.fls.doubleclick.net/activityi;dc_pre=CKbQvKGj8YADFQVTGAodxlAIwQ;src=9382130;type=norev0;cat=unive0;ord=8637964758585;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F
Frame ID: 8596256FD501D90736D46CC70107FD89
Requests: 2 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 170C61B8833B12A1C1580C29EC413D74
Requests: 8 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: B33A0FECF5682772B026C5C91D2B596A
Requests: 8 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3rqwsjg&ref=https%3A%2F%2Ftheroxyturns50.com%2F&upid=55rk4fk&upv=1.1.0&td1=undefined&td2=undefined&td3=undefined&td4=undefined&td5=undefined&td6=undefined&td7=theroxyturns50.com&td8=undefined&td9=undefined
Frame ID: 0D7BC39260C047B398D28BC6304B1F82
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: DCDBFE86A1F4F8101FF5FD7FA800B500
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3rqwsjg&ref=https%3A%2F%2Ftheroxyturns50.com%2F&upid=55rk4fk&upv=1.1.0&td1=undefined&td2=undefined&td3=The%20Roxy%20Turns%2050&td4=undefined&td5=undefined&td6=undefined&td7=theroxyturns50.com&td8=undefined&td9=undefined
Frame ID: 0EE6559327CC8B759AB11C15B29411A0
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

The Roxy Turns 50FacebookInstagramRedditTwitterTumblrSpotifyEmailTriangleYoutubeSnapchatMagnifyGlobeTikTokSoundcloudSearchClose

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

96
Requests

88 %
HTTPS

47 %
IPv6

27
Domains

40
Subdomains

34
IPs

5
Countries

2916 kB
Transfer

4527 kB
Size

37
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://rp.liadm.com/j?dtstmp=1692741975812&aid=a-08c7&se=e30&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&tna=v2.7.10&pu=https%3A%2F%2Ftheroxyturns50.com%2F&wpn=lc-bundle&c=PHRpdGxlPlRoZSBSb3h5IFR1cm5zIDUwPC90aXRsZT48dGl0bGU-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZT5JbnN0YWdyYW08L3RpdGxlPjx0aXRsZT5SZWRkaXQ8L3RpdGxlPjx0aXRsZT5Ud2l0dGVyPC90aXRsZT48dGl0bGU-VHVtYmxyPC90aXRsZT48dGl0bGU-U3BvdGlmeTwvdGl0bGU-PHRpdGxlPkVtYWlsPC90aXRsZT48dGl0bGU-VHJpYW5nbGU8L3RpdGxlPjx0aXRsZT5Zb3V0dWJlPC90aXRsZT48dGl0bGU-U25hcGNoYXQ8L3RpdGxlPjx0aXRsZT5NYWduaWZ5PC90aXRsZT48dGl0bGU-R2xvYmU8L3RpdGxlPjx0aXRsZT5UaWtUb2s8L3RpdGxlPjx0aXRsZT5Tb3VuZGNsb3VkPC90aXRsZT48dGl0bGU-U2VhcmNoPC90aXRsZT48dGl0bGU-Q2xvc2U8L3RpdGxlPg HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1692741975812&aid=a-08c7&se=e30&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&tna=v2.7.10&pu=https%3A%2F%2Ftheroxyturns50.com%2F&wpn=lc-bundle&c=PHRpdGxlPlRoZSBSb3h5IFR1cm5zIDUwPC90aXRsZT48dGl0bGU-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZT5JbnN0YWdyYW08L3RpdGxlPjx0aXRsZT5SZWRkaXQ8L3RpdGxlPjx0aXRsZT5Ud2l0dGVyPC90aXRsZT48dGl0bGU-VHVtYmxyPC90aXRsZT48dGl0bGU-U3BvdGlmeTwvdGl0bGU-PHRpdGxlPkVtYWlsPC90aXRsZT48dGl0bGU-VHJpYW5nbGU8L3RpdGxlPjx0aXRsZT5Zb3V0dWJlPC90aXRsZT48dGl0bGU-U25hcGNoYXQ8L3RpdGxlPjx0aXRsZT5NYWduaWZ5PC90aXRsZT48dGl0bGU-R2xvYmU8L3RpdGxlPjx0aXRsZT5UaWtUb2s8L3RpdGxlPjx0aXRsZT5Tb3VuZGNsb3VkPC90aXRsZT48dGl0bGU-U2VhcmNoPC90aXRsZT48dGl0bGU-Q2xvc2U8L3RpdGxlPg&i6=MmEwMzoxYjIwOjY6ZjAxMTo6M2U%3D&n3pc=true
Request Chain 34
  • https://9382130.fls.doubleclick.net/activityi;src=9382130;type=retarget;cat=retarg0;ord=2307703891364;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=null;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F HTTP 302
  • https://9382130.fls.doubleclick.net/activityi;dc_pre=CJTOvKGj8YADFagNogMdJNIOSg;src=9382130;type=retarget;cat=retarg0;ord=2307703891364;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=null;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F
Request Chain 36
  • https://9382130.fls.doubleclick.net/activityi;src=9382130;type=retarget;cat=retarg0;ord=1357596457420;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F HTTP 302
  • https://9382130.fls.doubleclick.net/activityi;dc_pre=CLrKvKGj8YADFecNogMdpjsKzA;src=9382130;type=retarget;cat=retarg0;ord=1357596457420;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F
Request Chain 37
  • https://9382130.fls.doubleclick.net/activityi;src=9382130;type=norev0;cat=unive0;ord=8637964758585;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F HTTP 302
  • https://9382130.fls.doubleclick.net/activityi;dc_pre=CKbQvKGj8YADFQVTGAodxlAIwQ;src=9382130;type=norev0;cat=unive0;ord=8637964758585;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F
Request Chain 46
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0eee77b1-c021-2f52-4b55-8c71bbad8383%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.aegworldwide.com/&ex-hargs=v%3D1.0%3Bc%3D581380979449813845%3Bp%3D0EEE77B1-C021-2F52-4B55-8C71BBAD8383 HTTP 302
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0eee77b1-c021-2f52-4b55-8c71bbad8383%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.aegworldwide.com/&ex-hargs=v%3D1.0%3Bc%3D581380979449813845%3Bp%3D0EEE77B1-C021-2F52-4B55-8C71BBAD8383&dcc=t
Request Chain 74
  • https://s.tribalfusion.com/insights?%7B%22tagKey%22%3A%223254064236%22%2C%22th%22%3A7565916822%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22aQmneMQmJC3tQn0HvZdmdaMSS38SBrgpO%22%2C%22url%22%3A%22https%3A%2F%2Ftheroxyturns50.com%2F%22%2C%22clientName%22%3A%22AEG%2520-%2520Rogers%2520Waters%22%2C%22clientID%22%3A797983%2C%22eventType%22%3A%22insights%22%2C%22segmentNumber%22%3A0%2C%22segmentName%22%3A%22AEGRogerWatersInsight%22%7D HTTP 302
  • https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%2524TF_USER_ID_ENC%2524 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b26&u=1573183525769124613&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://ib.adnxs.com/setuid?entity=305&code=18072662106367513903
Request Chain 78
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=027a5a03-77f6-4f84-9c33-888b98f5ba7d HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=6d202501-b3d1-41a5-9bc0-f2e864741bd2%3A1692741977.6216466&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D6d202501-b3d1-41a5-9bc0-f2e864741bd2%253A1692741977.6216466%26_%3D1692741977.6272497&cb=1692741977.627296 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336724842706230&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D6d202501-b3d1-41a5-9bc0-f2e864741bd2%253A1692741977.6216466%26_%3D1692741977.6272497 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=6d202501-b3d1-41a5-9bc0-f2e864741bd2%3A1692741977.6216466&_=1692741977.6272497
Request Chain 79
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2846705687199187233 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 83
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Request Chain 84
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=027a5a03-77f6-4f84-9c33-888b98f5ba7d HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=027a5a03-77f6-4f84-9c33-888b98f5ba7d&rd=Y
Request Chain 85
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2342302528933691681 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 86
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=027a5a03-77f6-4f84-9c33-888b98f5ba7d HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d7b5083d-f078-430a-8744-2a488c5cf1aa%3A1692741977.6198332&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd7b5083d-f078-430a-8744-2a488c5cf1aa%253A1692741977.6198332%26_%3D1692741977.624094&cb=1692741977.6241465 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588525988358656&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd7b5083d-f078-430a-8744-2a488c5cf1aa%253A1692741977.6198332%26_%3D1692741977.624094 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=d7b5083d-f078-430a-8744-2a488c5cf1aa%3A1692741977.6198332&_=1692741977.624094
Request Chain 90
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Request Chain 91
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=027a5a03-77f6-4f84-9c33-888b98f5ba7d HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=027a5a03-77f6-4f84-9c33-888b98f5ba7d&rd=Y

96 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
theroxyturns50.com/
361 KB
362 KB
Document
General
Full URL
https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.68.39.163 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.39.68.34.bc.googleusercontent.com
Software
nginx/1.16.1 / PHP/7.3.22
Resource Hash
9ee5289e15b841e93b77e06957fb19d74f8492c376455036db41676982c10b0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 22:06:14 GMT
Server
nginx/1.16.1
Transfer-Encoding
chunked
X-Powered-By
PHP/7.3.22
flickity.min.css
aegwebprod.blob.core.windows.net/content/assets/
2 KB
2 KB
Stylesheet
General
Full URL
https://aegwebprod.blob.core.windows.net/content/assets/flickity.min.css
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8eef2ef6cf882d5e2e9167cb7c8b0ebbeb75b28a698835488733d149326fab4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:14 GMT
Last-Modified
Wed, 15 Mar 2023 22:28:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
7U6e1YcODUvyUyzj7crxfQ==
ETag
0x8DB25A49B1C7D2B
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
b3092fbd-d01e-0062-1444-d5dd8d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
1797
flickity-fade.css
aegwebprod.blob.core.windows.net/content/assets/
211 B
828 B
Stylesheet
General
Full URL
https://aegwebprod.blob.core.windows.net/content/assets/flickity-fade.css
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2a98d71e9acd8e999a4b7d9dc4140340203230b12f2f06cf24e1ed38e8fa8cca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:14 GMT
Last-Modified
Wed, 15 Mar 2023 22:38:26 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
sEOhhOgXJTHmo2bDTGF+fw==
ETag
0x8DB25A5FE40493E
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
bceb5dd9-201e-0004-3c44-d592ad000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
211
fullscreen.css
aegwebprod.blob.core.windows.net/content/assets/
1 KB
2 KB
Stylesheet
General
Full URL
https://aegwebprod.blob.core.windows.net/content/assets/fullscreen.css
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d4c1270f7869730d1490f7df3d4bf63e21b5baa51ebbc67c31001317d4e50dbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:14 GMT
Last-Modified
Wed, 15 Mar 2023 22:35:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
g18u6ssdm/iYKC+VEcZlKw==
ETag
0x8DB25A58DE6B7E3
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
bb458ec2-201e-002b-7044-d59f66000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
1135
jquery.fancybox.min.css
aegwebprod.blob.core.windows.net/content/assets/
12 KB
13 KB
Stylesheet
General
Full URL
https://aegwebprod.blob.core.windows.net/content/assets/jquery.fancybox.min.css
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:14 GMT
Last-Modified
Wed, 15 Mar 2023 22:36:42 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
otQlhCkvZMWCfotnsbOHJg==
ETag
0x8DB25A5BFC3E658
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
042f7f11-501e-0031-6644-d5feb9000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
12795
style.css
aegwebprod.blob.core.windows.net/templates/template5/
94 KB
94 KB
Stylesheet
General
Full URL
https://aegwebprod.blob.core.windows.net/templates/template5/style.css
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
294429f23aa2612eac0468439f3a5a500a9d6c8006c0de7a8b96c31fd7dc959c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:13 GMT
Last-Modified
Fri, 10 Mar 2023 22:15:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
YGd4HkYWRXMTvLwsce4Mfg==
ETag
0x8DB21B4F4C1A7E2
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
7ebe0291-101e-0030-2044-d5a165000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
96005
dso8hiw.css
use.typekit.net/
11 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/dso8hiw.css
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d3f70d18b807bab899ea3a1ba69474a2ca8ef51e00f3ba7a576987ddedf0931c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 22 Aug 2023 22:06:14 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1262
js
www.googletagmanager.com/gtag/
265 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H8FV7Z0R60
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7057231213fc5a9d44caa50d1b98a6bd7d6e9027e53163f92c48fe98979e5d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90249
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 22 Aug 2023 22:06:15 GMT
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=dso8hiw&ht=tk&f=564.13378.18220.18221.18222.18223.18304.18305.18306.18307.18219.18239.18240.18241.18242&a=131151432&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/dso8hiw.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:14 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
hMAe74K1H7WDk15CVE6Dr0XCDTqEd9vTQ5xXK6SY.png
aegwebprod.blob.core.windows.net/content/content_images/432/
186 KB
186 KB
Image
General
Full URL
https://aegwebprod.blob.core.windows.net/content/content_images/432/hMAe74K1H7WDk15CVE6Dr0XCDTqEd9vTQ5xXK6SY.png
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ae39d668007b139f33171fbca1e071b7a3d5ba503f3e989efc69a518392ca41b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:14 GMT
Last-Modified
Mon, 17 Jul 2023 21:18:42 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
qYSkOad4G5B3cUqKtxlwZQ==
ETag
0x8DB870B66022E41
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
7ebe03ba-101e-0030-2b44-d5a165000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
190187
uoBohakkXEdnZ6Y1fOKjHoNMuHMKrhxHGLoYTSAQ.png
aegwebprod.blob.core.windows.net/content/content_images/432/
16 KB
17 KB
Image
General
Full URL
https://aegwebprod.blob.core.windows.net/content/content_images/432/uoBohakkXEdnZ6Y1fOKjHoNMuHMKrhxHGLoYTSAQ.png
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
08e47618ed8e893b5beed26b218bf80c6135f1d46a278a0cdfb7744e7a9f4bfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:14 GMT
Last-Modified
Tue, 15 Aug 2023 01:26:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
1sAjhu5F/OgliVPycuRZ5Q==
ETag
0x8DB9D2EA0635C33
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
bceb5fe2-201e-0004-1b44-d592ad000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
16331
OwkddKNpGG4YdT7LxQPEeEK4i4UwxFR8GgKGtmgD.png
aegwebprod.blob.core.windows.net/content/content_images/432/
16 KB
16 KB
Image
General
Full URL
https://aegwebprod.blob.core.windows.net/content/content_images/432/OwkddKNpGG4YdT7LxQPEeEK4i4UwxFR8GgKGtmgD.png
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e0ec047b822474f3f1f24f8d16b7e36560712b6b8e8ced4bbd36c8cca73e3898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:15 GMT
Last-Modified
Tue, 18 Jul 2023 00:33:20 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Wv6+1fE94virkCMUTXu8NQ==
ETag
0x8DB8726965F3730
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
bb4590b3-201e-002b-3e44-d59f66000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
16099
FlPAKGZ7oqMFJYUaG8Ee5zP37whu3kQ0P7b4k9ur.png
aegwebprod.blob.core.windows.net/content/content_images/432/
16 KB
17 KB
Image
General
Full URL
https://aegwebprod.blob.core.windows.net/content/content_images/432/FlPAKGZ7oqMFJYUaG8Ee5zP37whu3kQ0P7b4k9ur.png
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
08e47618ed8e893b5beed26b218bf80c6135f1d46a278a0cdfb7744e7a9f4bfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:14 GMT
Last-Modified
Tue, 18 Jul 2023 00:27:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
1sAjhu5F/OgliVPycuRZ5Q==
ETag
0x8DB8725C6086188
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
b30930e6-d01e-0062-1a44-d5dd8d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
16331
MY4BNbKHgffH7q82Elw7o93cl7BMkoUrnovgjCIx.png
aegwebprod.blob.core.windows.net/content/content_images/432/
49 KB
49 KB
Image
General
Full URL
https://aegwebprod.blob.core.windows.net/content/content_images/432/MY4BNbKHgffH7q82Elw7o93cl7BMkoUrnovgjCIx.png
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
91a0dd1b375244a1885437227461c017dd4a1b46d0272963f7a1a83e3c84ca4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:14 GMT
Last-Modified
Mon, 17 Jul 2023 23:23:16 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
4XGeW4G8ct7NbGrGRc/nmA==
ETag
0x8DB871CCCC9BE8A
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
bceb60a8-201e-0004-4944-d592ad000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
49750
app.js
aegwebprod.blob.core.windows.net/templates/template5/js/
888 KB
888 KB
Script
General
Full URL
https://aegwebprod.blob.core.windows.net/templates/template5/js/app.js
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b07a3189298ec358e3dc87bd2a068a33e8dd0b469afaee0218dd7a5a308355fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:14 GMT
Last-Modified
Tue, 18 Apr 2023 20:02:29 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Ltx+nueUsf9WCIYonAW49w==
ETag
0x8DB4047D7269399
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
042f7fb4-501e-0031-0144-d5feb9000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
909096
universalpixel.js
tracking.aegpresents.com/universalpixel/
353 B
722 B
Script
General
Full URL
https://tracking.aegpresents.com/universalpixel/universalpixel.js?t=1692748800000
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:9800:11:65f0:c080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
860982f7df0344e1608e42a5279603244e7bb6c6c92f99a7d8442ff61a4637a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
yzC2d5nyWhAWpaIfBFOzFwofkVYfpPI6
date
Tue, 22 Aug 2023 01:58:58 GMT
via
1.1 fe6d656eba9969a63bb94889f81e9bf8.cloudfront.net (CloudFront)
last-modified
Thu, 25 Oct 2018 06:36:50 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
72545
etag
"43b149699f79e5268943f6db2d7e2edb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
353
x-amz-cf-id
LgpsU4hbRaLa14Ypx1KAmniE3RQIKWoMYUXWmMIr2Er6FQGxxZtiOA==
roxy-bg-01.jpg
aegwebprod.blob.core.windows.net/content/roxy/
386 KB
386 KB
Image
General
Full URL
https://aegwebprod.blob.core.windows.net/content/roxy/roxy-bg-01.jpg
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0605c3ca54ef0e99de82a99640b0c7ac331dd83cce98e50a7fc80f3b56b52e22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:15 GMT
Last-Modified
Mon, 17 Jul 2023 21:06:58 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
GZkWARDxvUcvrNFeAo9ikA==
ETag
0x8DB8709C1E3BE44
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
bb4591a5-201e-002b-1b44-d59f66000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
394804
privacyoptions29x14.png
aegwebprod.blob.core.windows.net/content/aegpresents/
697 B
1 KB
Image
General
Full URL
https://aegwebprod.blob.core.windows.net/content/aegpresents/privacyoptions29x14.png
Requested by
Host: aegwebprod.blob.core.windows.net
URL: https://aegwebprod.blob.core.windows.net/templates/template5/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2f5996735ffed762a680d48858858502b52c2c32509a5c5f598c5d9f2fdcaea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aegwebprod.blob.core.windows.net/templates/template5/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:14 GMT
Last-Modified
Tue, 24 Jan 2023 22:19:45 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
O+zAsAaWIlRKH/stqQ7r4w==
ETag
0x8DAFE5919432A12
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
b309312d-d01e-0062-5f44-d5dd8d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
697
l
use.typekit.net/af/9ff5df/0000000000000000000131a3/27/
41 KB
41 KB
Font
General
Full URL
https://use.typekit.net/af/9ff5df/0000000000000000000131a3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/dso8hiw.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
469970139b65ffa44961ccbd68cdd60bce4138ad6ce132a4ff094040289cec86

Request headers

Referer
https://use.typekit.net/dso8hiw.css
Origin
https://theroxyturns50.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:15 GMT
server
nginx
etag
"8e888b8d02a8813da28688c50bc8e81b90385815"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
41724
l
use.typekit.net/af/24da34/000000000000000077359720/30/
26 KB
27 KB
Font
General
Full URL
https://use.typekit.net/af/24da34/000000000000000077359720/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/dso8hiw.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9249d0cecd630a0898036652b3014a04d522da592e9c67ace2db098770404408

Request headers

Referer
https://use.typekit.net/dso8hiw.css
Origin
https://theroxyturns50.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:15 GMT
server
nginx
etag
"be0431215244d1722223a2af039ac4d0f5db146b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27024
AlteHaasGrotesk_Bold.woff2
aegwebprod.blob.core.windows.net/content/gv_april_2023/fonts/
43 KB
43 KB
Font
General
Full URL
https://aegwebprod.blob.core.windows.net/content/gv_april_2023/fonts/AlteHaasGrotesk_Bold.woff2
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
769e4faed4561c5f7912f6f86cfaf1b0d487835b8c3be0e24e0cdb846be4c12b

Request headers

Referer
https://theroxyturns50.com/
Origin
https://theroxyturns50.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Aug 2023 22:06:15 GMT
Last-Modified
Tue, 14 Feb 2023 21:35:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
AZDJbeB9ir+6l3k+xygpcA==
ETag
0x8DB0ED376A7648D
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-ms-request-id
6f48b811-a01e-0025-1c44-d5b6d6000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
43920
gtm.js
www.googletagmanager.com/
633 KB
164 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Requested by
Host: tracking.aegpresents.com
URL: https://tracking.aegpresents.com/universalpixel/universalpixel.js?t=1692748800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32b5f833e8b0f1c07c0744eb9e72aac10f1c5ec8778c6f78342a8a7d82a80e08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167547
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 21:09:12 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Aug 2023 22:06:15 GMT
collect
region1.analytics.google.com/g/
0
256 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H8FV7Z0R60&gtm=45je38l0&_p=318331468&_gaz=1&cid=1776390440.1692741975&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692741975&sct=1&seg=0&dl=https%3A%2F%2Ftheroxyturns50.com%2F&dt=The%20Roxy%20Turns%2050&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H8FV7Z0R60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theroxyturns50.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
256 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H8FV7Z0R60&cid=1776390440.1692741975&gtm=45je38l0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H8FV7Z0R60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theroxyturns50.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H8FV7Z0R60&cid=1776390440.1692741975&gtm=45je38l0&aip=1&z=396245465
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/
5 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.53 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-53.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c7b85b97b913e911076bf2a1af845ff6d23f3ced19f23669a19ffafbad05ebe5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-akamai-request-id
48de8424
date
Tue, 22 Aug 2023 22:06:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-117.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=98
content-length
1850
pragma
no-cache
server
nginx
x-tt-logid
202308222206154CF39B7EC1A4777F2C5F
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
98,23.38.99.117
x-tt-trace-host
011176e688eb45422a7c21af8c7bd555abd28a4d3ce4f6eb097034688a6672c2b1e31ee2e1adbe0f02ee448a843afb66f018f90f63c793c5126293da3ac81deca9bc6c7d8e47a10cd28553e79e25f519e126a9b2857e0a05ab0cd70065ae5288c7
expires
Tue, 22 Aug 2023 22:06:15 GMT
a-08c7.min.js
b-code.liadm.com/
44 KB
15 KB
Script
General
Full URL
https://b-code.liadm.com/a-08c7.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e9:ea00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
facb3580df0682292a16c4cb1cb710463a110c77e44c0846907141ce3437abec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 10:11:21 GMT
content-encoding
gzip
via
1.1 159e16027561f2440d64c3f79534611e.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP53-P1
age
42894
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
A-ebiy0cCoRZLBGJcWbYTMwcqXIyPYorjKQrwHPVTJurTxvimmQy2w==
up_loader.1.1.0.js
js.adsrvr.org/
5 KB
3 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-40-116.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 06:16:42 GMT
Content-Encoding
gzip
Via
1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:44 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P2
Age
56974
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
P0tEVqfwZjBYCldOMBb9QgPvmE_rctgIYs82AIfPAhN5QePBPACmdw==
sync-container.js
b-code.liadm.com/
6 KB
3 KB
Script
General
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-08c7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e9:ea00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 10:11:06 GMT
x-amz-version-id
P2G05QRInXqMbYiaQAfs8F93v0Opxze8
content-encoding
gzip
last-modified
Mon, 24 Jul 2023 11:11:51 GMT
server
AmazonS3
via
1.1 159e16027561f2440d64c3f79534611e.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP53-P1
etag
W/"ae5e94de938b0387eda6df8f20da811a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=2592000
age
1252510
x-amz-cf-id
rvRwusKzW9HHT1AeMs-cacb7hzLJQ0Aplewkmvn-t70jOMsxQcdnYQ==
main.MTAwYzY4Y2VmMQ.js
analytics.tiktok.com/i18n/pixel/static/
358 KB
97 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTAwYzY4Y2VmMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.53 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-53.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5ccf4991f47947a07e1b9bd330e12b2f257b32cc305067e39c1b7cafba03eaa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-akamai-request-id
48de84c3
date
Tue, 22 Aug 2023 22:06:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202308101445263AF918207DC08E80118A
vary
Accept-Encoding
x-cache
TCP_HIT from a23-38-99-117.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
012e1382f636ff5c3f69344cf789ccc4d23e8fd63d1d041d42cc1b2af3360817b1109f2029ff70a0a423d28217868783b55fbe479b0874a0a889fba36cba4f00884cdcf29d27d2792ed6e5c334a49979e272cfd547310d43fd81f262bf532758ff
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
98958
identify_2ff01.js
analytics.tiktok.com/i18n/pixel/static/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_2ff01.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTAwYzY4Y2VmMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.53 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-53.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-akamai-request-id
48de850a
date
Tue, 22 Aug 2023 22:06:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230810144445EF8DCB7E2D6C0F7A64CA
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-38-99-117.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01d6f8086e781a14814fd065ad85e144d013143d4b130c78043517b8b1d37a3b6cf0acaacbaee245155dfc72db68a8a6ccb571c970d9a7d736a4add036178534ca7a84c0a0f152900d23167413b6895a21a4984072d350da1953f25d89f46fedcc
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
30832
pixel
analytics.tiktok.com/api/v2/
0
551 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTAwYzY4Y2VmMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.53 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-53.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://theroxyturns50.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:15 GMT
x-akamai-request-id
48de8570
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202308222206154CF39B7EC1A4777F2C7C
x-cache
TCP_MISS from a23-38-99-117.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
123,23.38.99.117
x-tt-trace-host
011176e688eb45422a7c21af8c7bd555abd28a4d3ce4f6eb097034688a6672c2b1e31ee2e1adbe0f02ee448a843afb66f0a9b0681139599f878db6975d5c159479339cbc688a16a9d874092175a927a41ff93278c1f6d5f2a5f3d8b203bf80c7cb
server-timing
inner; dur=28, cdn-cache; desc=MISS, edge; dur=6, origin; dur=123
content-length
0
expires
Tue, 22 Aug 2023 22:06:15 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1692741975812&aid=a-08c7&se=e30&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&tna=v2.7.10&pu=https%3A%2F%2Ftheroxyturns50.com%2F&wpn=lc-bundle&c=PHRpdGxlPlRoZSBSb3h5IF...
  • https://rp4.liadm.com/j?dtstmp=1692741975812&aid=a-08c7&se=e30&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&tna=v2.7.10&pu=https%3A%2F%2Ftheroxyturns50.com%2F&wpn=lc-bundle&c=PHRpdGxlPlRoZSBSb3h5I...
13 B
553 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1692741975812&aid=a-08c7&se=e30&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&tna=v2.7.10&pu=https%3A%2F%2Ftheroxyturns50.com%2F&wpn=lc-bundle&c=PHRpdGxlPlRoZSBSb3h5IFR1cm5zIDUwPC90aXRsZT48dGl0bGU-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZT5JbnN0YWdyYW08L3RpdGxlPjx0aXRsZT5SZWRkaXQ8L3RpdGxlPjx0aXRsZT5Ud2l0dGVyPC90aXRsZT48dGl0bGU-VHVtYmxyPC90aXRsZT48dGl0bGU-U3BvdGlmeTwvdGl0bGU-PHRpdGxlPkVtYWlsPC90aXRsZT48dGl0bGU-VHJpYW5nbGU8L3RpdGxlPjx0aXRsZT5Zb3V0dWJlPC90aXRsZT48dGl0bGU-U25hcGNoYXQ8L3RpdGxlPjx0aXRsZT5NYWduaWZ5PC90aXRsZT48dGl0bGU-R2xvYmU8L3RpdGxlPjx0aXRsZT5UaWtUb2s8L3RpdGxlPjx0aXRsZT5Tb3VuZGNsb3VkPC90aXRsZT48dGl0bGU-U2VhcmNoPC90aXRsZT48dGl0bGU-Q2xvc2U8L3RpdGxlPg&i6=MmEwMzoxYjIwOjY6ZjAxMTo6M2U%3D&n3pc=true
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Server
18.213.204.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-204-44.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:16 GMT
x-pixel-event-id
3602815e-cec5-493b-b8e8-a58cb57dadfb
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
6
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
f10a2854b0936006
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Tue, 22 Aug 2023 22:06:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1692741975812&aid=a-08c7&se=e30&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&tna=v2.7.10&pu=https%3A%2F%2Ftheroxyturns50.com%2F&wpn=lc-bundle&c=PHRpdGxlPlRoZSBSb3h5IFR1cm5zIDUwPC90aXRsZT48dGl0bGU-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZT5JbnN0YWdyYW08L3RpdGxlPjx0aXRsZT5SZWRkaXQ8L3RpdGxlPjx0aXRsZT5Ud2l0dGVyPC90aXRsZT48dGl0bGU-VHVtYmxyPC90aXRsZT48dGl0bGU-U3BvdGlmeTwvdGl0bGU-PHRpdGxlPkVtYWlsPC90aXRsZT48dGl0bGU-VHJpYW5nbGU8L3RpdGxlPjx0aXRsZT5Zb3V0dWJlPC90aXRsZT48dGl0bGU-U25hcGNoYXQ8L3RpdGxlPjx0aXRsZT5NYWduaWZ5PC90aXRsZT48dGl0bGU-R2xvYmU8L3RpdGxlPjx0aXRsZT5UaWtUb2s8L3RpdGxlPjx0aXRsZT5Tb3VuZGNsb3VkPC90aXRsZT48dGl0bGU-U2VhcmNoPC90aXRsZT48dGl0bGU-Q2xvc2U8L3RpdGxlPg&i6=MmEwMzoxYjIwOjY6ZjAxMTo6M2U%3D&n3pc=true
access-control-allow-origin
https://theroxyturns50.com
request-time
0
access-control-allow-credentials
true
trace-id
12f9d0f7b8507443
content-length
0
x-xss-protection
1; mode=block
sp_2_16_3.js
tracking.aegpresents.com/
77 KB
78 KB
Script
General
Full URL
https://tracking.aegpresents.com/sp_2_16_3.js
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:9800:11:65f0:c080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf72c42dffb746770f2d19c47619718c400b840b8bf3218a60137bee7f9a16d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
S0PSeETRZEGlDS2kDiQQw_ui5Gf9x1Hi
date
Mon, 21 Aug 2023 23:30:45 GMT
via
1.1 fe6d656eba9969a63bb94889f81e9bf8.cloudfront.net (CloudFront)
last-modified
Mon, 23 Nov 2020 19:35:25 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
81331
etag
"061218953601a45264b449ad25f296c7"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
78920
x-amz-cf-id
JVPRvtPdn-NTaBu73pE6KurocCGnmLHCFdyuIWUoFy5DD3j3iTvRuw==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/854631222/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854631222/?random=1692741975983&cv=11&fst=1692741975983&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheroxyturns50.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Roxy%20Turns%2050&auid=659603674.1692741976&uamb=0&uaw=0&data=venueName%3DThe%20Roxy%20Turns%2050&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1314e08dc4404427528324c92e1940b0508ec51c8c783cb8ab377f017ca22d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1323
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CJTOvKGj8YADFagNogMdJNIOSg;src=9382130;type=retarget;cat=retarg0;ord=2307703891364;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=...
9382130.fls.doubleclick.net/ Frame D6B9
Redirect Chain
  • https://9382130.fls.doubleclick.net/activityi;src=9382130;type=retarget;cat=retarg0;ord=2307703891364;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u...
  • https://9382130.fls.doubleclick.net/activityi;dc_pre=CJTOvKGj8YADFagNogMdJNIOSg;src=9382130;type=retarget;cat=retarg0;ord=2307703891364;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%...
646 B
623 B
Document
General
Full URL
https://9382130.fls.doubleclick.net/activityi;dc_pre=CJTOvKGj8YADFagNogMdJNIOSg;src=9382130;type=retarget;cat=retarg0;ord=2307703891364;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=null;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
4005c8fe748f590daa5255fc8548c9fe56c8af1976f6ddcd534837b8a20fb3c1
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://theroxyturns50.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
325
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 22:06:16 GMT
expires
Tue, 22 Aug 2023 22:06:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 22:06:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9382130.fls.doubleclick.net/activityi;dc_pre=CJTOvKGj8YADFagNogMdJNIOSg;src=9382130;type=retarget;cat=retarg0;ord=2307703891364;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=null;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/760537739/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/760537739/?random=1692741975994&cv=11&fst=1692741975994&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheroxyturns50.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Roxy%20Turns%2050&auid=659603674.1692741976&uamb=0&uaw=0&data=venueName%3DThe%20Roxy%20Turns%2050&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
490362a5d70afb31da69e2d39d8b05e0986221c308a8fc66427fbac6f07bb92d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CLrKvKGj8YADFecNogMdpjsKzA;src=9382130;type=retarget;cat=retarg0;ord=1357596457420;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=...
9382130.fls.doubleclick.net/ Frame 86FA
Redirect Chain
  • https://9382130.fls.doubleclick.net/activityi;src=9382130;type=retarget;cat=retarg0;ord=1357596457420;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u...
  • https://9382130.fls.doubleclick.net/activityi;dc_pre=CLrKvKGj8YADFecNogMdpjsKzA;src=9382130;type=retarget;cat=retarg0;ord=1357596457420;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%...
623 B
618 B
Document
General
Full URL
https://9382130.fls.doubleclick.net/activityi;dc_pre=CLrKvKGj8YADFecNogMdpjsKzA;src=9382130;type=retarget;cat=retarg0;ord=1357596457420;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
10ef10167fd03474dfdce5b5dc237702e7c1d38a193d34db72671a239250d331
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://theroxyturns50.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
320
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 22:06:16 GMT
expires
Tue, 22 Aug 2023 22:06:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 22:06:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9382130.fls.doubleclick.net/activityi;dc_pre=CLrKvKGj8YADFecNogMdpjsKzA;src=9382130;type=retarget;cat=retarg0;ord=1357596457420;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CKbQvKGj8YADFQVTGAodxlAIwQ;src=9382130;type=norev0;cat=unive0;ord=8637964758585;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=und...
9382130.fls.doubleclick.net/ Frame 8596
Redirect Chain
  • https://9382130.fls.doubleclick.net/activityi;src=9382130;type=norev0;cat=unive0;ord=8637964758585;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=u...
  • https://9382130.fls.doubleclick.net/activityi;dc_pre=CKbQvKGj8YADFQVTGAodxlAIwQ;src=9382130;type=norev0;cat=unive0;ord=8637964758585;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20R...
690 B
672 B
Document
General
Full URL
https://9382130.fls.doubleclick.net/activityi;dc_pre=CKbQvKGj8YADFQVTGAodxlAIwQ;src=9382130;type=norev0;cat=unive0;ord=8637964758585;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
dbb5685090d0d543bc01a799e2176b4aac0e774f10dc98aa15e08959fc3bd6e7
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://theroxyturns50.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
333
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 22:06:16 GMT
expires
Tue, 22 Aug 2023 22:06:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 22:06:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9382130.fls.doubleclick.net/activityi;dc_pre=CKbQvKGj8YADFQVTGAodxlAIwQ;src=9382130;type=norev0;cat=unive0;ord=8637964758585;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/674378718/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674378718/?random=1692741976025&cv=11&fst=1692741976025&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheroxyturns50.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Roxy%20Turns%2050&auid=659603674.1692741976&uamb=0&uaw=0&data=venueName%3DThe%20Roxy%20Turns%2050&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
080c8dab179a1d13736bdd868495b5ed548570c97e3703f39af620c922af267f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1323
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/616115828/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616115828/?random=1692741976026&cv=11&fst=1692741976026&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheroxyturns50.com%2F&label=XmJUCOic3dYBEPTc5KUC&hn=www.googleadservices.com&frm=0&tiba=The%20Roxy%20Turns%2050&auid=659603674.1692741976&uamb=0&uaw=0&data=venueName%3DThe%20Roxy%20Turns%2050&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fd9fe370c2b48726802d07f82a40bb2cff4585171b8a4255a8ba95c0a7b6e24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1371
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
core.js
s.pinimg.com/ct/
3 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d045ab0a39895392a25e52ccef01397989534a60195d6b9ae227624f600884f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:16 GMT
content-encoding
br
x-cdn
fastly
etag
"6e7ebcfa37884d78352253e11cfcd656"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1474
fbevents.js
connect.facebook.net/en_US/
173 KB
47 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 22 Aug 2023 22:06:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47412
x-xss-protection
0
pragma
public
x-fb-debug
vzSWrEr+YYGzH3Df0XmhbSAqs2ENHOx4g5/ppurETzJNtLoDcPMH3S4Jx+UmcWg20HTMbJkrWtFbfeK5NKf4pw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel.js
a.tribalfusion.com/pixel/tags/AEG%20-%20Rogers%20Waters/797983/
8 KB
2 KB
Script
General
Full URL
https://a.tribalfusion.com/pixel/tags/AEG%20-%20Rogers%20Waters/797983/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cae6c65803b1bad48a4ac48174807f3535a1f0b69eb4bf422afa1c416ac4a0cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400
content-length
2012
x-function
151
last-modified
Wed, 26 Jul 2023 06:51:38 GMT
server
cloudflare
x-reuse-index
463
etag
6932268461290881949
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
7fae6c066b2618f9-FRA
expires
Tue, 22 Aug 2023 23:06:16 GMT
a-08c7.min.js
b-code.liadm.com/
44 KB
15 KB
Script
General
Full URL
https://b-code.liadm.com/a-08c7.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e9:ea00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
facb3580df0682292a16c4cb1cb710463a110c77e44c0846907141ce3437abec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 10:11:21 GMT
content-encoding
gzip
via
1.1 159e16027561f2440d64c3f79534611e.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP53-P1
age
42895
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
PBVZp_DOn2XTWrYsQvJj9CqKBU8z_XVdq6FE-BsPcqowzfjRF-50AA==
up_loader.1.1.0.js
js.adsrvr.org/
5 KB
3 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-40-116.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 06:16:42 GMT
Content-Encoding
gzip
Via
1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:44 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P2
Age
56975
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
18GvAcx8QMjDzjI2nzFaDYbh09B5vgk9IdsJWuhSOkDTJSSOdpi_tQ==
js
www.googletagmanager.com/gtag/
243 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QKEQR920KZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
807c38925ca7ecc7f3811bae72cd54900286f3b8fb24fd8619511baf9fc19127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85410
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 22 Aug 2023 22:06:16 GMT
iui3
s.amazon-adsystem.com/
Redirect Chain
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0eee77b1-c021-2f52-4b55-8c71bbad8383%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.aegworldwide.com/&ex-hargs=v%3D1.0%3Bc%3...
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0eee77b1-c021-2f52-4b55-8c71bbad8383%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.aegworldwide.com/&ex-hargs=v%3D1.0%3Bc%3...
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0eee77b1-c021-2f52-4b55-8c71bbad8383%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.aegworldwide.com/&ex-hargs=v%3D1.0%3Bc%3D581380979449813845%3Bp%3D0EEE77B1-C021-2F52-4B55-8C71BBAD8383&dcc=t
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 22:06:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D1C5S839WJP2QYV78H45
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 22:06:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z4PKY97KXGMED2372T7R
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0eee77b1-c021-2f52-4b55-8c71bbad8383%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.aegworldwide.com/&ex-hargs=v%3D1.0%3Bc%3D581380979449813845%3Bp%3D0EEE77B1-C021-2F52-4B55-8C71BBAD8383&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
act
analytics.tiktok.com/api/v2/pixel/
0
692 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTAwYzY4Y2VmMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.53 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-53.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://theroxyturns50.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
b68bdff6.48de86b6
date
Tue, 22 Aug 2023 22:06:16 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-117.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time
105,23.38.99.117
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=19, inner; dur=15
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230822220616183B737B23A92A779AB6
x-cache-remote
TCP_MISS from a23-220-106-89.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
19,23.220.106.89
x-tt-trace-host
011176e688eb45422a7c21af8c7bd555ab8114ecb20c7d2fe86d0a1db675a43905e241bcac469f53379c5f6a0fe93da5c68f7e2a2382d69739e15edb029833907b4aba87e7e9aa7775572b195499dc975a4d4fcc9cc70f0a6ce7b7d195ee03833c18d811cd3921b40802177ade384ffc22
expires
Tue, 22 Aug 2023 22:06:16 GMT
tp2
b.aegpresents.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://b.aegpresents.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.23.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-23-33.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://theroxyturns50.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://theroxyturns50.com
access-control-max-age
600
content-length
0
date
Tue, 22 Aug 2023 22:06:16 GMT
server
nginx
tp2
b.aegpresents.com/com.snowplowanalytics.snowplow/
2 B
323 B
XHR
General
Full URL
https://b.aegpresents.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: tracking.aegpresents.com
URL: https://tracking.aegpresents.com/sp_2_16_3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.23.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-23-33.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://theroxyturns50.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://theroxyturns50.com
date
Tue, 22 Aug 2023 22:06:17 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
217011611820041
connect.facebook.net/signals/config/
307 KB
88 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/217011611820041?v=2.9.124&r=stable&domain=theroxyturns50.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3f5033b168fc285113cec44959cca36d00a236e9a24329ce7979b56b150a12c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 22 Aug 2023 22:06:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
1wXP6+6eXZZH7bWtb9jDrx8IOlCrfe4NKUL4QfeiCufQ/Qjanz7jguLtOsnnoivusOt3SCCD70Cpqknr4X8sfA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.85b84545.js
s.pinimg.com/ct/lib/
63 KB
18 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.85b84545.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1aa00cb6c11b0869393daefa90700e47d7e08001d1972a42e85b6dc78c64d835

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:16 GMT
content-encoding
br
x-cdn
fastly
etag
"5ac911c7d00351e2c4d834e7141ed9df"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
18158
/
ct.pinterest.com/user/
562 B
903 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2612470221403&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1692741976106&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.85b84545.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.d8d5ce17.1692741976.7f71b4e
x-envoy-upstream-service-time
0
content-length
385
x-pinterest-rid
1537118299777929
pin-unauth
dWlkPU4yUm1Nelk0TlRrdFkyUXlZUzAwT0dSbExUZzJNREF0T1dZME1EZzROMlF4TW1FeA
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://theroxyturns50.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
2aab430320b88faaad4c2c112b7a9c75e32167e1
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/
562 B
903 B
XHR
General
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612470221403&cb=1692741976107&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.85b84545.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.d8d5ce17.1692741976.7f71b4f
x-envoy-upstream-service-time
1
content-length
385
x-pinterest-rid
3233837776814662
pin-unauth
dWlkPVltTmpNakZqTmpZdFpEVTVNUzAwTkRrNExUazBNbUl0TlRZeE5qZzFObVl4TXpObA
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://theroxyturns50.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
2aab430320b88faaad4c2c112b7a9c75e32167e1
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
367 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2612470221403&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Ftheroxyturns50.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2285b84545%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1692741976108
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.d8d5ce17.1692741976.7f71b50
content-type
image/gif
access-control-allow-origin
*
pinterest-version
2aab430320b88faaad4c2c112b7a9c75e32167e1
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
content-length
35
x-pinterest-rid
5973989528320332
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QKEQR920KZ&gtm=45je38l0&_p=318331468&_gaz=1&cid=1776390440.1692741975&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692741976&sct=1&seg=0&dl=https%3A%2F%2Ftheroxyturns50.com%2F&dt=The%20Roxy%20Turns%2050&en=page_view&_fv=1&_ss=1&ep.venue_name=The%20Roxy%20Turns%2050&ep.content_type=venue%20site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QKEQR920KZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theroxyturns50.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
45 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QKEQR920KZ&cid=1776390440.1692741975&gtm=45je38l0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QKEQR920KZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theroxyturns50.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QKEQR920KZ&cid=1776390440.1692741975&gtm=45je38l0&aip=1&z=1479068527
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/854631222/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/854631222/?random=1692741975983&cv=11&fst=1692741600000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheroxyturns50.com%2F&frm=0&tiba=The%20Roxy%20Turns%2050&data=venueName%3DThe%20Roxy%20Turns%2050&fmt=3&is_vtc=1&random=2928693969&rmt_tld=0&ipr=y
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/854631222/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/854631222/?random=1692741975983&cv=11&fst=1692741600000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheroxyturns50.com%2F&frm=0&tiba=The%20Roxy%20Turns%2050&data=venueName%3DThe%20Roxy%20Turns%2050&fmt=3&is_vtc=1&random=2928693969&rmt_tld=1&ipr=y
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/760537739/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/760537739/?random=1692741975994&cv=11&fst=1692741600000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheroxyturns50.com%2F&frm=0&tiba=The%20Roxy%20Turns%2050&data=venueName%3DThe%20Roxy%20Turns%2050&fmt=3&is_vtc=1&random=3242976359&rmt_tld=0&ipr=y
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/760537739/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/760537739/?random=1692741975994&cv=11&fst=1692741600000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheroxyturns50.com%2F&frm=0&tiba=The%20Roxy%20Turns%2050&data=venueName%3DThe%20Roxy%20Turns%2050&fmt=3&is_vtc=1&random=3242976359&rmt_tld=1&ipr=y
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/674378718/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/674378718/?random=1692741976025&cv=11&fst=1692741600000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheroxyturns50.com%2F&frm=0&tiba=The%20Roxy%20Turns%2050&data=venueName%3DThe%20Roxy%20Turns%2050&fmt=3&is_vtc=1&random=1156798093&rmt_tld=0&ipr=y
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/674378718/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/674378718/?random=1692741976025&cv=11&fst=1692741600000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheroxyturns50.com%2F&frm=0&tiba=The%20Roxy%20Turns%2050&data=venueName%3DThe%20Roxy%20Turns%2050&fmt=3&is_vtc=1&random=1156798093&rmt_tld=1&ipr=y
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/616115828/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/616115828/?random=1692741976026&cv=11&fst=1692741600000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheroxyturns50.com%2F&label=XmJUCOic3dYBEPTc5KUC&frm=0&tiba=The%20Roxy%20Turns%2050&data=venueName%3DThe%20Roxy%20Turns%2050&fmt=3&is_vtc=1&random=3772457518&rmt_tld=0&ipr=y
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/616115828/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/616115828/?random=1692741976026&cv=11&fst=1692741600000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheroxyturns50.com%2F&label=XmJUCOic3dYBEPTc5KUC&frm=0&tiba=The%20Roxy%20Turns%2050&data=venueName%3DThe%20Roxy%20Turns%2050&fmt=3&is_vtc=1&random=3772457518&rmt_tld=1&ipr=y
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
612 B
Image
General
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612470221403&cb=1692741976215&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU4yUm1Nelk0TlRrdFkyUXlZUzAwT0dSbExUZzJNREF0T1dZME1EZzROMlF4TW1FeA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Ftheroxyturns50.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2285b84545%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.d8d5ce17.1692741976.7f71b99
content-type
image/gif
access-control-allow-origin
*
pinterest-version
2aab430320b88faaad4c2c112b7a9c75e32167e1
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
4
content-length
35
x-pinterest-rid
1079160139422751
expires
Sat, 01 Jan 2000 00:00:00 GMT
dc_pre=CKbQvKGj8YADFQVTGAodxlAIwQ;src=9382130;type=norev0;cat=unive0;ord=8637964758585;auiddc=*;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefi...
adservice.google.com/ddm/fls/z/ Frame 8596
42 B
401 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKbQvKGj8YADFQVTGAodxlAIwQ;src=9382130;type=norev0;cat=unive0;ord=8637964758585;auiddc=*;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F
Requested by
Host: 9382130.fls.doubleclick.net
URL: https://9382130.fls.doubleclick.net/activityi;dc_pre=CKbQvKGj8YADFQVTGAodxlAIwQ;src=9382130;type=norev0;cat=unive0;ord=8637964758585;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9382130.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
displayAd.js
s.tribalfusion.com/
678 B
666 B
Script
General
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7565916822
Requested by
Host: a.tribalfusion.com
URL: https://a.tribalfusion.com/pixel/tags/AEG%20-%20Rogers%20Waters/797983/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af7584af5155260aa9796b0bcd305c9b4486f1d1f7e0daee8813b853ec51918

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-function
153
last-modified
Wed, 26 Jul 2023 06:51:38 GMT
server
cloudflare
x-reuse-index
274
vary
Accept-Encoding
content-type
application/x-javascript
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
private
cf-ray
7fae6c08bdfb18f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
331
expires
Mon, 20 Nov 2023 22:06:16 GMT
sync-container.js
b-code.liadm.com/
6 KB
3 KB
Script
General
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-08c7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e9:ea00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 10:11:06 GMT
x-amz-version-id
P2G05QRInXqMbYiaQAfs8F93v0Opxze8
content-encoding
gzip
last-modified
Mon, 24 Jul 2023 11:11:51 GMT
server
AmazonS3
via
1.1 159e16027561f2440d64c3f79534611e.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP53-P1
etag
W/"ae5e94de938b0387eda6df8f20da811a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=2592000
age
1252511
x-amz-cf-id
BHANtHSQiu7EkytlDNqIkN7OVqi3_aTmRXJCYmXmt59aw4sxR3j_kg==
dc_pre=CJTOvKGj8YADFagNogMdJNIOSg;src=9382130;type=retarget;cat=retarg0;ord=2307703891364;auiddc=*;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=und...
adservice.google.com/ddm/fls/z/ Frame D6B9
42 B
107 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJTOvKGj8YADFagNogMdJNIOSg;src=9382130;type=retarget;cat=retarg0;ord=2307703891364;auiddc=*;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=null;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F
Requested by
Host: 9382130.fls.doubleclick.net
URL: https://9382130.fls.doubleclick.net/activityi;dc_pre=CJTOvKGj8YADFagNogMdJNIOSg;src=9382130;type=retarget;cat=retarg0;ord=2307703891364;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;u22=undefined;u23=null;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9382130.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CLrKvKGj8YADFecNogMdpjsKzA;src=9382130;type=retarget;cat=retarg0;ord=1357596457420;auiddc=*;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=und...
adservice.google.com/ddm/fls/z/ Frame 86FA
42 B
107 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLrKvKGj8YADFecNogMdpjsKzA;src=9382130;type=retarget;cat=retarg0;ord=1357596457420;auiddc=*;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F
Requested by
Host: 9382130.fls.doubleclick.net
URL: https://9382130.fls.doubleclick.net/activityi;dc_pre=CLrKvKGj8YADFecNogMdpjsKzA;src=9382130;type=retarget;cat=retarg0;ord=1357596457420;auiddc=659603674.1692741976;u1=undefined;u4=undefined;u5=The%20Roxy%20Turns%2050;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u18=theroxyturns50.com;u19=undefined;u20=undefined;u21=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheroxyturns50.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9382130.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=217011611820041&ev=PageView&dl=https%3A%2F%2Ftheroxyturns50.com%2F&rl=&if=false&ts=1692741976441&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692741976440.1279777461&it=1692741976088&coo=false&tm=1&rqm=GET
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 22 Aug 2023 22:06:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=217011611820041&ev=ViewContent&dl=https%3A%2F%2Ftheroxyturns50.com%2F&rl=&if=false&ts=1692741976442&cd[host]=theroxyturns50.com&cd[funnelStep]=venuesite&cd[venueName]=The%20Roxy%20Turns%2050&cd[trigger]=gtm&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692741976440.1279777461&it=1692741976088&coo=false&tm=1&rqm=GET
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 22 Aug 2023 22:06:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
setuid
ib.adnxs.com/
Redirect Chain
  • https://s.tribalfusion.com/insights?%7B%22tagKey%22%3A%223254064236%22%2C%22th%22%3A7565916822%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22aQmneMQmJC3tQn0HvZdmdaMSS38SBrgpO%22%2C%22url%22%3A%22ht...
  • https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
  • https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%...
  • https://a.tribalfusion.com/i.match?p=b26&u=1573183525769124613&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
  • https://ib.adnxs.com/setuid?entity=305&code=18072662106367513903
43 B
835 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=305&code=18072662106367513903
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:17 GMT
an-x-request-uuid
30b2f51b-24be-4aff-bffb-91129f6738da
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.151; 185.213.155.151; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:17 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
416
content-type
text/html
location
https://ib.adnxs.com/setuid?entity=305&code=18072662106367513903
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7fae6c0bc84d1c32-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=217011611820041&ev=Microdata&dl=https%3A%2F%2Ftheroxyturns50.com%2F&rl=&if=false&ts=1692741976943&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Roxy%20Turns%2050%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22The%20Roxy%20Turns%2050%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.124&r=stable&ec=2&o=30&fbp=fb.1.1692741976440.1279777461&it=1692741976088&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: theroxyturns50.com
URL: https://theroxyturns50.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theroxyturns50.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 22 Aug 2023 22:06:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
a-08c7
i.liadm.com/s/c/ Frame 170C
1 KB
1 KB
Document
General
Full URL
https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.217.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-217-18.compute-1.amazonaws.com
Software
/
Resource Hash
8659b7e92527b851f4551da934ff9f6681a7f8d72657c9cbdaa6283f2d16ade9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://theroxyturns50.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
683
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 22:06:17 GMT
Request-Time
25
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
a-08c7
i.liadm.com/s/c/ Frame B33A
1 KB
1 KB
Document
General
Full URL
https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.217.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-217-18.compute-1.amazonaws.com
Software
/
Resource Hash
cf57c56a45e7ef9d545dedff048a1765a5526fd18c25ab3e58760c5d9f9995ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://theroxyturns50.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
682
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 22:06:17 GMT
Request-Time
12
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
501709.gif
idsync.rlcdn.com/ Frame 170C
Redirect Chain
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=027a5a03-77f6-4f84-9c33-888b98f5ba7d
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=6d202501-b3d1-41a5-9bc0-f2e864741bd2%3A1692741977.6216466&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D6d202501-b3d1-41a5-9bc0-f2e8647...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336724842706230&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D6d202501-b3d1-41a5-9b...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=6d202501-b3d1-41a5-9bc0-f2e864741bd2%3A1692741977.6216466&_=1692741977.6272497
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=6d202501-b3d1-41a5-9bc0-f2e864741bd2%3A1692741977.6216466&_=1692741977.6272497
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 22 Aug 2023 22:06:17 GMT
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
MUC50-C1
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=6d202501-b3d1-41a5-9bc0-f2e864741bd2%3A1692741977.6216466&_=1692741977.6272497
content-length
447
x-amz-cf-id
B2w4KUYm4leDUFfJLYXdOspbToJM3P6V6CKcb5utflSyyx07Ho6wiQ==
usersync.aspx
dis.criteo.com/dis/ Frame 170C
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2846705687199187233
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:17 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
240942
expires
Tue, 22 Aug 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Tue, 22 Aug 2023 22:06:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
syncd
x.bidswitch.net/ Frame 170C
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=027a5a03-77f6-4f84-9c33-888b98f5ba7d&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.211.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-211-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 170C
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 22:06:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
img
sync.mathtag.com/sync/ Frame 170C
43 B
443 B
Image
General
Full URL
https://sync.mathtag.com/sync/img?mt_exid=36&027a5a03-77f6-4f84-9c33-888b98f5ba7d
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x25 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 22:06:17 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x25 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 22 Aug 2023 22:06:16 GMT
35004
i6.liadm.com/s/ Frame 170C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
43 B
548 B
Image
General
Full URL
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:759c:ba70:7b1f:d0bc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 22:06:18 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Date
Tue, 22 Aug 2023 22:06:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
live_intent_sync
x.dlx.addthis.com/e/ Frame 170C
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=027a5a03-77f6-4f84-9c33-888b98f5ba7d
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=027a5a03-77f6-4f84-9c33-888b98f5ba7d&rd=Y
43 B
595 B
Image
General
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=027a5a03-77f6-4f84-9c33-888b98f5ba7d&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Tue, 22 Aug 2023 22:06:17 GMT
pragma
no-cache
date
Tue, 22 Aug 2023 22:06:17 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=027a5a03-77f6-4f84-9c33-888b98f5ba7d&rd=Y
pragma
no-cache
date
Tue, 22 Aug 2023 22:06:17 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Tue, 22 Aug 2023 22:06:17 GMT
usersync.aspx
dis.criteo.com/dis/ Frame B33A
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2342302528933691681
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 22:06:16 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
159820
expires
Tue, 22 Aug 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Tue, 22 Aug 2023 22:06:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
501709.gif
idsync.rlcdn.com/ Frame B33A
Redirect Chain
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=027a5a03-77f6-4f84-9c33-888b98f5ba7d
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d7b5083d-f078-430a-8744-2a488c5cf1aa%3A1692741977.6198332&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd7b5083d-f078-430a-8744-2a488c5...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588525988358656&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd7b5083d-f078-430a-87...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=d7b5083d-f078-430a-8744-2a488c5cf1aa%3A1692741977.6198332&_=1692741977.624094
0
42 B
Image
General
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=d7b5083d-f078-430a-8744-2a488c5cf1aa%3A1692741977.6198332&_=1692741977.624094
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 22 Aug 2023 22:06:17 GMT
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
MUC50-C1
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=d7b5083d-f078-430a-8744-2a488c5cf1aa%3A1692741977.6198332&_=1692741977.624094
content-length
445
x-amz-cf-id
LrqNYzC6YGIaI_h00NYjtQMeppFWUCyumLPJVUMvyNvJxKxId7YgNg==
syncd
x.bidswitch.net/ Frame B33A
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=027a5a03-77f6-4f84-9c33-888b98f5ba7d&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.211.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-211-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 22:06:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame B33A
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 22:06:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
img
sync.mathtag.com/sync/ Frame B33A
43 B
443 B
Image
General
Full URL
https://sync.mathtag.com/sync/img?mt_exid=36&027a5a03-77f6-4f84-9c33-888b98f5ba7d
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x27 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 22:06:17 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x27 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 22 Aug 2023 22:06:16 GMT
35004
i6.liadm.com/s/ Frame B33A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
43 B
548 B
Image
General
Full URL
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:759c:ba70:7b1f:d0bc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 22:06:18 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Date
Tue, 22 Aug 2023 22:06:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
live_intent_sync
x.dlx.addthis.com/e/ Frame B33A
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=027a5a03-77f6-4f84-9c33-888b98f5ba7d
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=027a5a03-77f6-4f84-9c33-888b98f5ba7d&rd=Y
43 B
595 B
Image
General
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=027a5a03-77f6-4f84-9c33-888b98f5ba7d&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Tue, 22 Aug 2023 22:06:17 GMT
pragma
no-cache
date
Tue, 22 Aug 2023 22:06:17 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=027a5a03-77f6-4f84-9c33-888b98f5ba7d&rd=Y
pragma
no-cache
date
Tue, 22 Aug 2023 22:06:17 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Tue, 22 Aug 2023 22:06:17 GMT
up
insight.adsrvr.org/track/ Frame 0D7B
0
0

ct.html
ct.pinterest.com/ Frame DCDB
565 B
624 B
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.85b84545.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://theroxyturns50.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-grn
0.d8d5ce17.1692741978.7f72bea
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 22:06:18 GMT
pinterest-version
2aab430320b88faaad4c2c112b7a9c75e32167e1
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
1
x-pinterest-rid
5213413806376778
up
insight.adsrvr.org/track/ Frame 0EE6
0
181 B
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=3rqwsjg&ref=https%3A%2F%2Ftheroxyturns50.com%2F&upid=55rk4fk&upv=1.1.0&td1=undefined&td2=undefined&td3=The%20Roxy%20Turns%2050&td4=undefined&td5=undefined&td6=undefined&td7=theroxyturns50.com&td8=undefined&td9=undefined
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://theroxyturns50.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Tue, 22 Aug 2023 22:06:18 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
insight.adsrvr.org
URL
https://insight.adsrvr.org/track/up?adv=3rqwsjg&ref=https%3A%2F%2Ftheroxyturns50.com%2F&upid=55rk4fk&upv=1.1.0&td1=undefined&td2=undefined&td3=undefined&td4=undefined&td5=undefined&td6=undefined&td7=theroxyturns50.com&td8=undefined&td9=undefined

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture function| gtag object| dataLayer function| kl object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| TiktokAnalyticsObject object| ttq object| LI object| __li__evt_bus object| liQ object| liQ_instances function| ttd_dom_ready function| TTDUniversalPixelApi function| _typeof2 function| __liSync object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| sendAccordRequest function| sendMCFormSubmission object| GlobalSnowplowNamespace function| aeg object| cfData object| GooglebQhCsO function| pintrk function| fbq function| _fbq object| a9 object| Snowplow object| tagConfig object| A9PIXEL object| a9PixelQue undefined| e9Manager undefined| e9 object| expoDisplayAd

37 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CkgKBQgKEOsVCgYI3QEQ7RUKBQgGEOsVCgYIgQEQ6xUKBgiiARDrFQoJCP____8HEPUVCgUICxDrFQoGCIsBEOsVCgYI0gEQ6xU
i6.liadm.com/s Name: _li_ss
Value: CgA
.theroxyturns50.com/ Name: _ga_H8FV7Z0R60
Value: GS1.1.1692741975.1.0.1692741975.60.0.0
.theroxyturns50.com/ Name: _ga
Value: GA1.1.1776390440.1692741975
.theroxyturns50.com/ Name: _gcl_au
Value: 1.1.659603674.1692741976
.theroxyturns50.com/ Name: _li_dcdm_c
Value: .theroxyturns50.com
.theroxyturns50.com/ Name: _lc2_fpi
Value: 5d0ba3796ade--01h8fmhfh6nhjgz2vh01js81sg
.tiktok.com/ Name: _ttp
Value: 2UMGKw8E1YtIQweVENrwriT8cUx
.theroxyturns50.com/ Name: _tt_enable_cookie
Value: 1
.theroxyturns50.com/ Name: _ttp
Value: I0QnezdhtEqT8wuH_lv6ZouB1L7
.theroxyturns50.com/ Name: _sp_ses.4658
Value: *
.theroxyturns50.com/ Name: _sp_id.4658
Value: dfc27f6b-21bb-4e55-8105-79a73c372a5a.1692741976.1.1692741976.1692741976.5ac7f7c9-bcb7-42ea-a4b6-d115206d059c
.theroxyturns50.com/ Name: _ga_QKEQR920KZ
Value: GS1.1.1692741976.1.0.1692741976.60.0.0
.theroxyturns50.com/ Name: _pin_unauth
Value: dWlkPU4yUm1Nelk0TlRrdFkyUXlZUzAwT0dSbExUZzJNREF0T1dZME1EZzROMlF4TW1FeA
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZ2TWlRQlREQ3NiNTVORmRsRHNZaEZQb1ozUlZ3Z21wTlAxcXMwV2V6cXNnZGcyNU5WWEUrQWhZZ01GdjdvNHI1TjlDaWxYZERNaW1jY3JrNlZNQzFoajk0Z0YrTFdHLzJuM0JFVmE2OUZZUT0mUnFMSDV4UHNFMUtoUW5EUUpoMjM0cnY3S3pJPQ=="
.doubleclick.net/ Name: IDE
Value: AHWqTUk--DLVvx_RqSGJQpVODcErh1zHPcTsb-bcPcwKbwn0Y8qrYyzZC86oGKP1sg4
.liadm.com/ Name: lidid
Value: 027a5a03-77f6-4f84-9c33-888b98f5ba7d
.theroxyturns50.com/ Name: _fbp
Value: fb.1.1692741976440.1279777461
.amazon-adsystem.com/ Name: ad-id
Value: A3MCGATT3UEKsAEz9kBWDDs
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 1573183525769124613
theroxyturns50.com/ Name: _liChk
Value: 0.947812961277539
.tribalfusion.com/ Name: ANON_ID
Value: a9ntPKs2aFepAJsbX5nR1kUBSB7ZcAHXQcbyaMH5S3OWUBwZaMT2MEx1XHmbOx9pG02dM4JqqyW64bJtlC3tMaEHIZdjCJZa
.adnxs.com/ Name: anj
Value: dTM7k!M4/YEVNsVF']wIg2GVPpkVx2!]tbPl1Mis([?psUadBmN`ut5VCA4tVFe3o[Q0WsN`-$<:tTd`<QG=%9sk@3@'s>TF_YoX
b.aegpresents.com/ Name: _cf
Value: c6c7fc9e-5938-45f7-8989-42caed56a54f
.turn.com/ Name: uid
Value: 2342302528933691681
.rezync.com/ Name: zync-uuid
Value: 6d202501-b3d1-41a5-9bc0-f2e864741bd2:1692741977.6216466
.addthis.com/ Name: na_tc
Value: Y
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MrEwMTI3MDMyNhDiM9Q1Lw61jPAJyki1cE8GAFHnhQklAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MrEwMTI3MDMyNhDiM9Q1Lw61jPAJyki1cE8GAFHnhQklAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIsRWAMAhF0QmsMgceIOSTuI2IDmRp6aTaeezefWdxpLI2FoqaQiZroxEb06F7h7lJpC6CoW8O9xkqMOAq0ze71ftvewDqWC-nWgAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_w3GwRGAQAgDwI_t4JDIBc9uRLQQK9d97bukms7hsNoaFjiHzbrcHt67IgPVPKDJvzNzFaGQPrcVGEQ6AAAA
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.addthis.com/ Name: na_id
Value: 2023082222061700094895950823
.addthis.com/ Name: uid
Value: 64e53159246701b9
.addthis.com/ Name: ouid
Value: 64e531590001e28cdb31e62d07c97365f1643969227da5d21235
live.rezync.com/ Name: sd-session-id
Value: .eJwNykEOgyAQQNG7zFoaZhgG4TJGZZqQVtqIbmq8e9n9l_wLpq_u21y1HpCO_dQB1nfpapAuaOW36QsSeGRyTgLxyBSskLNwD9C0tfKpU8n9kUyWvEWzuIyGcfYmLqs1T9JRODAumRJKpJ4xhIcQCovA_QeYOyUm.ZOUxWQ.ywmdlt9RRsk-a4kB4CrazQBhoTk

2 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=6d202501-b3d1-41a5-9bc0-f2e864741bd2%3A1692741977.6216466&_=1692741977.6272497
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=d7b5083d-f078-430a-8744-2a488c5cf1aa%3A1692741977.6198332&_=1692741977.624094
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9382130.fls.doubleclick.net
a.tribalfusion.com
adservice.google.com
aegwebprod.blob.core.windows.net
analytics.tiktok.com
b-code.liadm.com
b.aegpresents.com
b1sync.zemanta.com
connect.facebook.net
ct.pinterest.com
d.turn.com
dis.criteo.com
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
live.rezync.com
match.adsrvr.org
p.rfihub.com
p.typekit.net
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
s.amazon-adsystem.com
s.pinimg.com
s.tribalfusion.com
stats.g.doubleclick.net
sync.mathtag.com
theroxyturns50.com
tracking.aegpresents.com
use.typekit.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
insight.adsrvr.org
108.138.40.116
142.250.186.102
178.250.1.9
18.193.211.202
18.213.204.44
185.29.132.245
193.0.160.131
2.23.197.190
2001:4860:4802:34::36
2001:678:cb4:bbbb::13
23.206.208.183
23.38.98.53
2600:1f18:730:b120:280e:3026:f44f:b76d
2600:1f18:ed:550e:759c:ba70:7b1f:d0bc
2600:9000:25e9:ea00:8:8845:1500:93a1
2600:9000:26db:9800:11:65f0:c080:93a1
2606:4700::6812:19ad
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:827::2008
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9b
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:8d::84
3.33.220.150
34.68.39.163
35.244.174.68
37.252.171.21
52.239.228.100
52.46.155.104
54.148.23.33
54.152.217.18
64.202.112.95
99.84.88.8
0605c3ca54ef0e99de82a99640b0c7ac331dd83cce98e50a7fc80f3b56b52e22
080c8dab179a1d13736bdd868495b5ed548570c97e3703f39af620c922af267f
08e47618ed8e893b5beed26b218bf80c6135f1d46a278a0cdfb7744e7a9f4bfa
10ef10167fd03474dfdce5b5dc237702e7c1d38a193d34db72671a239250d331
1314e08dc4404427528324c92e1940b0508ec51c8c783cb8ab377f017ca22d19
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
1aa00cb6c11b0869393daefa90700e47d7e08001d1972a42e85b6dc78c64d835
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
294429f23aa2612eac0468439f3a5a500a9d6c8006c0de7a8b96c31fd7dc959c
2a98d71e9acd8e999a4b7d9dc4140340203230b12f2f06cf24e1ed38e8fa8cca
2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b
32b5f833e8b0f1c07c0744eb9e72aac10f1c5ec8778c6f78342a8a7d82a80e08
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
4005c8fe748f590daa5255fc8548c9fe56c8af1976f6ddcd534837b8a20fb3c1
469970139b65ffa44961ccbd68cdd60bce4138ad6ce132a4ff094040289cec86
490362a5d70afb31da69e2d39d8b05e0986221c308a8fc66427fbac6f07bb92d
4af7584af5155260aa9796b0bcd305c9b4486f1d1f7e0daee8813b853ec51918
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5ccf4991f47947a07e1b9bd330e12b2f257b32cc305067e39c1b7cafba03eaa3
5fd9fe370c2b48726802d07f82a40bb2cff4585171b8a4255a8ba95c0a7b6e24
7057231213fc5a9d44caa50d1b98a6bd7d6e9027e53163f92c48fe98979e5d9f
769e4faed4561c5f7912f6f86cfaf1b0d487835b8c3be0e24e0cdb846be4c12b
807c38925ca7ecc7f3811bae72cd54900286f3b8fb24fd8619511baf9fc19127
860982f7df0344e1608e42a5279603244e7bb6c6c92f99a7d8442ff61a4637a3
8659b7e92527b851f4551da934ff9f6681a7f8d72657c9cbdaa6283f2d16ade9
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eef2ef6cf882d5e2e9167cb7c8b0ebbeb75b28a698835488733d149326fab4f
91a0dd1b375244a1885437227461c017dd4a1b46d0272963f7a1a83e3c84ca4e
9249d0cecd630a0898036652b3014a04d522da592e9c67ace2db098770404408
9ee5289e15b841e93b77e06957fb19d74f8492c376455036db41676982c10b0a
ae39d668007b139f33171fbca1e071b7a3d5ba503f3e989efc69a518392ca41b
b07a3189298ec358e3dc87bd2a068a33e8dd0b469afaee0218dd7a5a308355fc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3f5033b168fc285113cec44959cca36d00a236e9a24329ce7979b56b150a12c
bf72c42dffb746770f2d19c47619718c400b840b8bf3218a60137bee7f9a16d3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c7b85b97b913e911076bf2a1af845ff6d23f3ced19f23669a19ffafbad05ebe5
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cae6c65803b1bad48a4ac48174807f3535a1f0b69eb4bf422afa1c416ac4a0cc
cf57c56a45e7ef9d545dedff048a1765a5526fd18c25ab3e58760c5d9f9995ea
d045ab0a39895392a25e52ccef01397989534a60195d6b9ae227624f600884f9
d3f70d18b807bab899ea3a1ba69474a2ca8ef51e00f3ba7a576987ddedf0931c
d4c1270f7869730d1490f7df3d4bf63e21b5baa51ebbc67c31001317d4e50dbb
dbb5685090d0d543bc01a799e2176b4aac0e774f10dc98aa15e08959fc3bd6e7
e0ec047b822474f3f1f24f8d16b7e36560712b6b8e8ced4bbd36c8cca73e3898
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2f5996735ffed762a680d48858858502b52c2c32509a5c5f598c5d9f2fdcaea
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
facb3580df0682292a16c4cb1cb710463a110c77e44c0846907141ce3437abec