urlscan.io logo urlscan.io
SecurityTrails logo

thetandd.com Open in urlscan Pro
192.104.182.109  Public Scan

Go To Rescan Add Verdict Report
URL: https://thetandd.com/
Submission: On April 12 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 77 IPs in 10 countries across 78 domains to perform 322 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is thetandd.com.
TLS certificate: Issued by R3 on March 7th 2021. Valid for: 3 months.
This is the only time thetandd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 192.104.182.109 10668 (LEE-ASN)
38 104.18.131.43 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.226.155.79 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 5.149.248.141 59711 (HZ-EU-AS)
11 65.9.58.106 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
21 216.58.212.162 15169 (GOOGLE)
6 52.85.32.122 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:9000:218... 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
1 3 104.111.238.139 16625 (AKAMAI-AS)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.102.205.239 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 13 52.95.116.38 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:207... 16509 (AMAZON-02)
2 35.168.95.93 14618 (AMAZON-AES)
2 104.16.88.26 13335 (CLOUDFLAR...)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.213.73.156 14618 (AMAZON-AES)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 208.100.17.187 32748 (STEADFAST)
10 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:218... 16509 (AMAZON-02)
2 208.100.17.183 32748 (STEADFAST)
2 104.16.39.14 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.195.155.181 16509 (AMAZON-02)
8 10 213.19.147.151 26120 (RHYTHMONE)
9 11 52.18.90.176 16509 (AMAZON-02)
16 34.253.11.193 16509 (AMAZON-02)
5 184.30.24.198 16625 (AKAMAI-AS)
2 104.111.230.142 16625 (AKAMAI-AS)
3 3 18.156.0.31 16509 (AMAZON-02)
5 9 34.98.64.218 15169 (GOOGLE)
7 13 185.33.220.145 29990 (ASN-APPNEX)
1 1 185.86.138.119 201081 (SMARTADSE...)
2 3 63.251.114.137 29791 (VOXEL-DOT...)
2 2 3.64.73.215 16509 (AMAZON-02)
3 34.249.87.121 16509 (AMAZON-02)
1 151.101.113.108 54113 (FASTLY)
3 67.202.110.23 32748 (STEADFAST)
2 2 2620:116:800d... 16509 (AMAZON-02)
3 3 37.157.2.234 198622 (ADFORM)
10 16 142.250.186.130 15169 (GOOGLE)
12 12 18.185.180.173 16509 (AMAZON-02)
2 2 18.158.167.137 16509 (AMAZON-02)
2 2 70.42.32.159 22075 (AS-OUTBRAIN)
1 1 54.81.207.173 14618 (AMAZON-AES)
2 3 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 23.23.2.159 14618 (AMAZON-AES)
1 193.122.130.38 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 54.93.115.47 16509 (AMAZON-02)
2 2 198.148.27.139 19189 (PULSEPOINT)
3 3 185.29.133.208 30419 (MEDIAMATH...)
3 4 151.101.14.49 54113 (FASTLY)
1 1 124.146.215.48 2514 (INFOSPHER...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
1 185.64.189.115 62713 (AS-PUBMATIC)
4 8 69.173.144.139 26667 (RUBICONPR...)
1 178.250.2.151 44788 (ASN-CRITE...)
2 2 213.155.156.182 1299 (TELIANET ...)
15 185.64.190.80 62713 (AS-PUBMATIC)
5 5 54.171.41.106 16509 (AMAZON-02)
1 1 185.86.137.131 201081 (SMARTADSE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 87.98.252.5 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
2 2 35.210.53.219 19527 (GOOGLE-2)
1 185.64.189.114 62713 (AS-PUBMATIC)
1 1 2001:678:cb4:... 56396 (TURN)
4 4 66.155.71.149 13768 (COGECO-PEER1)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 169.50.137.190 36351 (SOFTLAYER)
1 1 13.226.155.74 16509 (AMAZON-02)
1 4 216.52.2.39 30282 (AS-INAPCD...)
2 2 69.173.144.138 26667 (RUBICONPR...)
2 34.200.78.134 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
1 5 52.30.234.204 16509 (AMAZON-02)
1 52.58.248.2 16509 (AMAZON-02)
1 54.88.16.190 14618 (AMAZON-AES)
322 77
8    192.104.182.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
thetandd.com
38    104.18.131.43 (United States)

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
7    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    13.226.155.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-79.dus51.r.cloudfront.net
tags.crwdcntrl.net
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    5.149.248.141 (Netherlands)

ASN59711 (HZ-EU-AS, BG)
PTR: oily-ancre.tastesthyme.com
protesidenext.com
11    65.9.58.106 (United States)

ASN16509 (AMAZON-02, US)
tagan.adlightning.com
5    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
contributor.google.com
fundingchoicesmessages.google.com
ampcid.google.de
analytics.google.com
21    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
6    52.85.32.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-32-122.ham50.r.cloudfront.net
c.amazon-adsystem.com
3    2a00:1450:4001:803::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
survey.g.doubleclick.net
2    2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
7    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.ch
adservice.google.com
7    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
3    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80e::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    2a03:2880:f012:10c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:2182:5400:2:36a1:2f40:21 (United States)

ASN16509 (AMAZON-02, US)
d81mfvml8p5ml.cloudfront.net
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
3    104.111.238.139 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    2a02:26f0:7100::687e:243a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
b-code.liadm.com
1    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b1c97018161ab4c5273f19483f2ef1cd.safeframe.googlesyndication.com
19    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    34.102.205.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.205.102.34.bc.googleusercontent.com
a.leetemplates.com
4    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
13    52.95.116.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
9    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:2070:5400:7:5031:dc0:21 (United States)

ASN16509 (AMAZON-02, US)
dn1i8v75r669j.cloudfront.net
2    35.168.95.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-95-93.compute-1.amazonaws.com
www.i.matheranalytics.com
2    104.16.88.26 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
sc.tynt.com
1    2600:1f18:730:b130:2c1a:486d:f5df:3ec7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    3.213.73.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-73-156.compute-1.amazonaws.com
rp4.liadm.com
3    2a03:2880:f112:182:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    208.100.17.187 (United States)

ASN32748 (STEADFAST, US)
PTR: ip187.208-100-17.static.steadfastdns.net
ic.tynt.com
10    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2600:9000:2182:4800:e:98bf:5f00:21 (United States)

ASN16509 (AMAZON-02, US)
dkpklk99llpj0.cloudfront.net
2    208.100.17.183 (United States)

ASN32748 (STEADFAST, US)
PTR: ip183.208-100-17.static.steadfastdns.net
de.tynt.com
2    104.16.39.14 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-sic.33across.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
10    213.19.147.151 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
11    52.18.90.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
16    34.253.11.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
5    184.30.24.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
9    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
u.openx.net
us-u.openx.net
eu-u.openx.net
13    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    185.86.138.119 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
3    63.251.114.137 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    3.64.73.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
3    34.249.87.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
am.freshrelevance.com
1    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
3    67.202.110.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-110.static.steadfastdns.net
sic.33across.com
2    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
16    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
12    18.185.180.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    18.158.167.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
2    70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
b1sync.zemanta.com
1    54.81.207.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
3    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    23.23.2.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    54.93.115.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-115-47.eu-central-1.compute.amazonaws.com
ad.360yield.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    185.29.133.208 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    124.146.215.48 (Setagaya-ku, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
8    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.182 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
15    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
5    54.171.41.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-41-106.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    87.98.252.5 (France)

ASN16276 (OVH, FR)
green.erne.co
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
pool.admedo.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
4    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:13::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    13.226.155.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-74.dus51.r.cloudfront.net
cm.smadex.com
4    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    34.200.78.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ssc.33across.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
30149192a4eb4e9c9b87767b440a2d56.safeframe.googlesyndication.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
5    52.30.234.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    52.58.248.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-248-2.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    54.88.16.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
thrtle.com
Apex Domain
Subdomains		 Transfer
42 doubleclick.net
securepubads.g.doubleclick.net
survey.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
681 KB
38 townnews.com
bloximages.chicago2.vip.townnews.com
665 KB
30 googlesyndication.com
b1c97018161ab4c5273f19483f2ef1cd.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
30149192a4eb4e9c9b87767b440a2d56.safeframe.googlesyndication.com
609 KB
23 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
61 KB
22 google.com
contributor.google.com
fundingchoicesmessages.google.com
ampcid.google.com
adservice.google.com
analytics.google.com
www.google.com
129 KB
19 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
75 KB
16 gumgum.com
rtb.gumgum.com
5 KB
14 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
42 KB
12 bidswitch.net
x.bidswitch.net
5 KB
12 rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
17 KB
11 adsrvr.org
match.adsrvr.org
5 KB
11 adlightning.com
tagan.adlightning.com
209 KB
10 ampproject.org
cdn.ampproject.org
216 KB
9 openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
2 KB
8 thetandd.com
thetandd.com
74 KB
7 lijit.com
ap.lijit.com
ce.lijit.com
5 KB
7 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
4 KB
7 1rx.io
sync.1rx.io
4 KB
7 33across.com
cdn-sic.33across.com
sic.33across.com
ssc.33across.com
118 KB
7 google-analytics.com
www.google-analytics.com
58 KB
7 cookielaw.org
cdn.cookielaw.org
109 KB
6 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
15 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 tynt.com
cdn.tynt.com
sc.tynt.com
ic.tynt.com
de.tynt.com
8 KB
5 googletagmanager.com
www.googletagmanager.com
260 KB
4 sitescout.com
pixel-sync.sitescout.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 matheranalytics.com
js.matheranalytics.com
www.i.matheranalytics.com
41 KB
4 cloudfront.net
d81mfvml8p5ml.cloudfront.net
dn1i8v75r669j.cloudfront.net
dkpklk99llpj0.cloudfront.net
22 KB
4 google.de
adservice.google.de
ampcid.google.de
www.google.de
2 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 adform.net
c1.adform.net
1 KB
3 freshrelevance.com
am.freshrelevance.com
5 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
3 facebook.com
www.facebook.com
543 B
3 googletagservices.com
www.googletagservices.com
100 KB
3 google.ch
adservice.google.ch
1 KB
3 liadm.com
b-code.liadm.com
rp.liadm.com
rp4.liadm.com
11 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 protesidenext.com
protesidenext.com
687 B
2 admedo.com
pool.admedo.com
783 B
2 fiftyt.com
visitor.fiftyt.com
990 B
2 semasio.net
uipglob.semasio.net
923 B
2 de17a.com
d5p.de17a.com
637 B
2 creativecdn.com
creativecdn.com
695 B
2 contextweb.com
bh.contextweb.com
1 KB
2 360yield.com
ad.360yield.com
617 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 quantserve.com
pixel.quantserve.com
1 KB
2 3lift.com
eb2.3lift.com
744 B
2 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
1 KB
2 emxdgt.com
cs.emxdgt.com
59 B
2 leetemplates.com
a.leetemplates.com
335 B
2 facebook.net
connect.facebook.net
95 KB
2 onetrust.com
geolocation.onetrust.com
769 B
2 gstatic.com
www.gstatic.com
13 KB
1 thrtle.com
thrtle.com
1 agkn.com
aa.agkn.com
412 B
1 rlcdn.com
id.rlcdn.com
66 B
1 smadex.com
cm.smadex.com
526 B
1 simpli.fi
um.simpli.fi
607 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 zeotap.com
mwzeom.zeotap.com
595 B
1 erne.co
green.erne.co
327 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
326 B
1 rfihub.com
p.rfihub.com
749 B
1 socdm.com
tg.socdm.com
836 B
1 zemanta.com
b1sync.zemanta.com
281 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
612 B
1 outbrain.com
sync.outbrain.com
627 B
1 googleapis.com
storage.googleapis.com
27 KB
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
322 78
Domain Requested by
38 bloximages.chicago2.vip.townnews.com thetandd.com
bloximages.chicago2.vip.townnews.com
19 tpc.googlesyndication.com tagan.adlightning.com
thetandd.com
cdn.ampproject.org
securepubads.g.doubleclick.net
tpc.googlesyndication.com
18 securepubads.g.doubleclick.net thetandd.com
securepubads.g.doubleclick.net
www.googletagservices.com
cdn-sic.33across.com
16 cm.g.doubleclick.net 10 redirects u.openx.net
rtb.gumgum.com
ap.lijit.com
aax-eu.amazon-adsystem.com
bcp.crwdcntrl.net
16 rtb.gumgum.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
13 aax-eu.amazon-adsystem.com 1 redirects tagan.adlightning.com
aax-eu.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
ads.pubmatic.com
ap.lijit.com
12 x.bidswitch.net 12 redirects
12 ib.adnxs.com 6 redirects acdn.adnxs.com
11 match.adsrvr.org 9 redirects u.openx.net
aax-eu.amazon-adsystem.com
11 fundingchoicesmessages.google.com thetandd.com
tagan.adlightning.com
11 tagan.adlightning.com thetandd.com
tagan.adlightning.com
10 cdn.ampproject.org thetandd.com
9 pagead2.googlesyndication.com tagan.adlightning.com
thetandd.com
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 simage2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
8 thetandd.com thetandd.com
7 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
7 sync.1rx.io 7 redirects
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
thetandd.com
7 cdn.cookielaw.org thetandd.com
cdn.cookielaw.org
6 c.amazon-adsystem.com thetandd.com
c.amazon-adsystem.com
cdn-sic.33across.com
5 match.prod.bidr.io 5 redirects
5 token.rubiconproject.com 4 redirects aax-eu.amazon-adsystem.com
5 ads.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
rtb.gumgum.com
5 www.googletagmanager.com thetandd.com
www.googletagmanager.com
4 ce.lijit.com 1 redirects ap.lijit.com
4 pixel-sync.sitescout.com 4 redirects
4 sync-tm.everesttech.net 3 redirects rtb.gumgum.com
4 u.openx.net 3 redirects aax-eu.amazon-adsystem.com
4 www.google.com 2 redirects thetandd.com
3 bcp.crwdcntrl.net 1 redirects tagan.adlightning.com
bcp.crwdcntrl.net
3 pixel.rubiconproject.com aax-eu.amazon-adsystem.com
3 sync.mathtag.com 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 c1.adform.net 3 redirects
3 us-u.openx.net 1 redirects u.openx.net
3 sic.33across.com tagan.adlightning.com
cdn-sic.33across.com
3 am.freshrelevance.com tagan.adlightning.com
dkpklk99llpj0.cloudfront.net
3 ap.lijit.com 2 redirects aax-eu.amazon-adsystem.com
3 ups.analytics.yahoo.com 3 redirects
3 sync.targeting.unrulymedia.com 1 redirects aax-eu.amazon-adsystem.com
rtb.gumgum.com
3 www.facebook.com connect.facebook.net
thetandd.com
3 www.googletagservices.com tagan.adlightning.com
securepubads.g.doubleclick.net
3 adservice.google.com tagan.adlightning.com
securepubads.g.doubleclick.net
3 adservice.google.ch tagan.adlightning.com
securepubads.g.doubleclick.net
3 sb.scorecardresearch.com 1 redirects thetandd.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 survey.g.doubleclick.net thetandd.com
survey.g.doubleclick.net
3 protesidenext.com thetandd.com
2 sync.crwdcntrl.net bcp.crwdcntrl.net
2 ssc.33across.com cdn-sic.33across.com
2 pixel-eu.rubiconproject.com 2 redirects
2 pool.admedo.com 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 creativecdn.com 2 redirects
2 bh.contextweb.com 2 redirects
2 ad.360yield.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 eu-u.openx.net 1 redirects u.openx.net
2 pixel.quantserve.com 2 redirects
2 eb2.3lift.com 2 redirects
2 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
2 cs.emxdgt.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
2 googleads.g.doubleclick.net thetandd.com
2 cdn-sic.33across.com tagan.adlightning.com
2 de.tynt.com cdn.tynt.com
2 dkpklk99llpj0.cloudfront.net d81mfvml8p5ml.cloudfront.net
2 www.i.matheranalytics.com thetandd.com
2 a.leetemplates.com storage.googleapis.com
2 www.google.de thetandd.com
2 js.matheranalytics.com 1 redirects thetandd.com
2 connect.facebook.net thetandd.com
connect.facebook.net
2 geolocation.onetrust.com cdn.cookielaw.org
2 contributor.google.com thetandd.com
2 www.gstatic.com thetandd.com
1 thrtle.com bcp.crwdcntrl.net
1 aa.agkn.com bcp.crwdcntrl.net
1 id.rlcdn.com aax-eu.amazon-adsystem.com
1 ads.yahoo.com aax-eu.amazon-adsystem.com
1 30149192a4eb4e9c9b87767b440a2d56.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cm.smadex.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 dis.criteo.com image6.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 tg.socdm.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.outbrain.com 1 redirects
1 secure.adnxs.com 1 redirects
1 acdn.adnxs.com cdn-sic.33across.com
1 ssbsync.smartadserver.com 1 redirects
1 ic.tynt.com thetandd.com
1 sc.tynt.com tagan.adlightning.com
1 rp4.liadm.com thetandd.com
1 rp.liadm.com 1 redirects
1 cdn.tynt.com tagan.adlightning.com
1 dn1i8v75r669j.cloudfront.net d81mfvml8p5ml.cloudfront.net
1 analytics.google.com www.googletagmanager.com
1 b1c97018161ab4c5273f19483f2ef1cd.safeframe.googlesyndication.com tagan.adlightning.com
1 b-code.liadm.com www.googletagmanager.com
1 d81mfvml8p5ml.cloudfront.net www.googletagmanager.com
1 storage.googleapis.com www.googletagmanager.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 adservice.google.de survey.g.doubleclick.net
1 tags.crwdcntrl.net thetandd.com
0 ums.acuityplatform.com Failed ap.lijit.com
322 121
Subject Issuer Validity Valid
thetandd.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-09 -
2022-04-09		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
protesidenext.com
R3		 2021-02-08 -
2021-05-09		 3 months crt.sh
*.adlightning.com
Amazon		 2020-07-22 -
2021-08-22		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
js.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-19 -
2022-04-19		 a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
b-code.liadm.com
DigiCert Secure Site ECC CA-1		 2020-06-23 -
2021-09-22		 a year crt.sh
*.google.ch
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
a.leetemplates.com
GTS CA 1D2		 2021-03-24 -
2021-06-22		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
www.i.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-28 -
2022-01-27		 2 years crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
*.liadm.com
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.freshrelevance.com
Amazon		 2020-06-27 -
2021-07-27		 a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-05-05		 a month crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2020-03-22 -
2021-05-21		 a year crt.sh

This page contains 41 frames:

Primary Page: https://thetandd.com/
Frame ID: BB0AB36C1796BBF3B2B1A4488D086E21
Requests: 153 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/bl-49c6f47-9fc0ee63.js
Frame ID: B5D06C72479A6CE25ED970A2A44179E5
Requests: 12 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/bl-49c6f47-9fc0ee63.js
Frame ID: 91BF5467D8C33E858557059013E87893
Requests: 6 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Frame ID: E718F9CE886D52D1AEEFD6355645F196
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/bl-49c6f47-9fc0ee63.js
Frame ID: A237E1D10B0F844E34979CDA3807B5E0
Requests: 17 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/bl-49c6f47-9fc0ee63.js
Frame ID: 600B726FD0FDABF953A9D0DDCB008F75
Requests: 17 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 4CA2DF0530F8AF43023AA33CB02EE563
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 5D1411641230DBE3C422794630D20E27
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 8732882DC248B0C53AC55FC28C886C19
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 53578215BD04F1C280E7928BF12729EF
Requests: 12 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-oPE7fGR1l2MFBGHHlLi637mHCRG5o9k-&
Frame ID: 191DFC942D426AA099A64B8C0BE61DF0
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 94910C2551F4DEFE1D3A30864A4E49CB
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=3379688932302077392&ex=districtm
Frame ID: CA81D5B166CB72BCFF23F46318718289
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4228973117919614511
Frame ID: 796C114463B702AA43DD8944BBA308EC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=7769385388755896664&ex=appnexus.com
Frame ID: D4C58EE31EB4CC80F29C9EF97FC6B884
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 0EE58CB31ABE27D4AF5F11E0FD74B6E7
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=6784892783565280337
Frame ID: 651222CFFEEA85805805BD58D86C8AFF
Requests: 1 HTTP requests in this frame

Frame: https://am.freshrelevance.com/tpc/
Frame ID: B17207374D99737FCB7204D5479330DB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: 8931645BC2AE543031FE82928CB4CF7E
Requests: 7 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 1C29722B334A8B7771A8DE8C6E55E212
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8C8DC785ACD37ABCF685FE2906A232D2
Requests: 21 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=a4a86074-5d2a-4400-b2c0-b7c48c9f9501&gdpr=&gdpr_consent=
Frame ID: EB7BFB94B86DFB969CA53ECB270710C2
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YHRdLQAAI6D-TgA0
Frame ID: 90C9A2CF058F810FCE2455D06229C1D0
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xZDI2Y2VhNi1hNGUyLTRiZDAtYjEzZC0wZjAzYzM3MmVjOTI=&gdpr=&gdpr_consent=
Frame ID: 1FC50023969A3F6B924978C1A06A2C65
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: E485B5B6C2F9A8FDEC6E6FBAE141B6AB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=cebea4dd-aa17-47ff-bb31-4ffffaeed072&t=1620830762
Frame ID: BFAD1787F67A88269D96F52DBF0458C2
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: E95C2458E466575531567591EE9D9635
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YHRdLMCo8ZUAAF4QTFUAAAAA
Frame ID: A8D478A06C2288992C95A7694E30CF1A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=2159827870144492042
Frame ID: E37A8703FD632BDE64B26071317D70A1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=cXd043r9gBI5ExKLi3r4&pi=gumgum&tc=1
Frame ID: E0FC53F1C1DFB47FA18444913C3A86BA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5FF70EF8F0472C0872A9B261FB91F804
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 543CA9B49F72D1DA7E50109EFF3523CE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8632558477689808783
Frame ID: BE17165BF27BB349E566AEF64043BE58
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADPQU7A6LoAAClCDdCGeQ
Frame ID: 0893868814BAB0C9E8079FEF360F326E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950282577090246797
Frame ID: 66C1FB68BF312CA78515D33AFB426B6B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yqhJN4Z7LycL2D3493WzWoTW
Frame ID: 8BE0048146F6D4F4D7AE1EA377857495
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&ex=pubmatic.com
Frame ID: 3C3A3819EF6DCD9D9AB4EBE97055C8D3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 552C58D738C07CDE93F943A0DC7ECB0C
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: A5341FDAF564C56F8FE2E1656361C350
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times%20and%20democrat%22%7D/rt=ifr
Frame ID: FEB357BFCA5A5D257AFC612CE8473AB7
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 754F42D5D46E796553E2EDE20550E64A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

322
Requests

100 %
HTTPS

30 %
IPv6

78
Domains

121
Subdomains

77
IPs

10
Countries

3663 kB
Transfer

8815 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://js.matheranalytics.com/s/ma1527/725149337/lee/ml.js?cb=1561 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma1527/lee/3/ml.br.js
Request Chain 114
  • https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1618238760465&ns_c=UTF-8&cv=3.5&c8=First%20In%20Local%20News%2C%20Sports%20%26%20Weather%20%7C%20Your%20First.%20Best.%20source%20for%20news&c7=https%3A%2F%2Fthetandd.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1618238760465&ns_c=UTF-8&cv=3.5&c8=First%20In%20Local%20News%2C%20Sports%20%26%20Weather%20%7C%20Your%20First.%20Best.%20source%20for%20news&c7=https%3A%2F%2Fthetandd.com%2F&c9=&cs_ak_ss=1
Request Chain 118
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Request Chain 140
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-0197&wpn=lc-bundle&pu=https%3A%2F%2Fthetandd.com%2F&duid=ca73657aa29d--01f338qtcnz482qwra9f8dghr7&se=e30&dtstmp=1618238761368 HTTP 302
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-0197&wpn=lc-bundle&pu=https%3A%2F%2Fthetandd.com%2F&duid=ca73657aa29d--01f338qtcnz482qwra9f8dghr7&se=e30&dtstmp=1618238761368&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
Request Chain 182
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 186
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 188
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7590998347 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7590998347 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cebea4dd-aa17-47ff-bb31-4ffffaeed072 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cebea4dd-aa17-47ff-bb31-4ffffaeed072?zcc=1&dspret=0&cb=1618238762900 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003
Request Chain 192
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-oPE7fGR1l2MFBGHHlLi637mHCRG5o9k-&
Request Chain 193
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 194
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=3379688932302077392&ex=districtm
Request Chain 195
  • https://ssbsync.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4228973117919614511
Request Chain 196
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7769385388755896664&ex=appnexus.com
Request Chain 197
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 198
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=6784892783565280337
Request Chain 212
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=L7rEGyzuwU406MAXe-_eHSC_lh80vsAdKrjqDJpZ
Request Chain 213
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=510790275478677492 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=510790275478677492
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE484n8foz-BSQ_-nKo0PIc&google_cver=1
Request Chain 217
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7769385388755896664
Request Chain 218
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_1d26cea6-a4e2-4bd0-b13d-0f03c372ec92&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_1d26cea6-a4e2-4bd0-b13d-0f03c372ec92&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=75440d69-d0e7-41e7-bdf7-eb28d4b43ee6 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=75440d69-d0e7-41e7-bdf7-eb28d4b43ee6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=c41f1362-3fa9-4310-9b5e-3359dd8d0156&ssp=gumgum2&expires=30&user_group=5&bsw_param=75440d69-d0e7-41e7-bdf7-eb28d4b43ee6 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=d381be2d-4deb-44a8-b3af-fabaa8abb167
Request Chain 219
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28oYCZlwvfKi8WyYRJQWcoyasstL0ZAm8N08_Fy1V2DHHirRr0Fv0DyqdJHPiyLeEQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28oYCZlwvfKi8WyYRJQWcoyasstL0ZAm8N08_Fy1V2DHHirRr0Fv0DyqdJHPiyLeEQ%29
Request Chain 220
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=352b3745-94e3-023e-04c7-ab11d432a3ad
Request Chain 221
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-4251fe87-982f-4bb9-767d-be8eaa14d90b$ip$185.156.175.107
Request Chain 222
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-uR4EXmBE2pdzoKFJGGBWZHWBGp7RpRG74nRf~A
Request Chain 223
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=cde85ccb-9b9d-11eb-92c8-493c66029fd8
Request Chain 226
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1d26cea6-a4e2-4bd0-b13d-0f03c372ec92&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=
Request Chain 227
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=64a58cb9-e899-4b34-884d-7757ed49c16e
Request Chain 228
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003&rndcb=2241121127 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=d381be2d-4deb-44a8-b3af-fabaa8abb167&google_hm=ZDM4MWJlMmQtNGRlYi00NGE4LWIzYWYtZmFiYWE4YWJiMTY3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOtorA0qe7Q2KA1RWvlv58M&google_cver=1&ssp=adconductor&bsw_param=d381be2d-4deb-44a8-b3af-fabaa8abb167 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/d381be2d-4deb-44a8-b3af-fabaa8abb167?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003
Request Chain 229
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=MN7tsub6Fpln&ev=1&pid=558355
Request Chain 231
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=a4a86074-5d2a-4400-b2c0-b7c48c9f9501&gdpr=&gdpr_consent=
Request Chain 232
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YHRdLQAAI6D-TgA0
Request Chain 235
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=cebea4dd-aa17-47ff-bb31-4ffffaeed072&t=1620830762
Request Chain 237
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YHRdLMCo8ZUAAF4QTFUAAAAA
Request Chain 238
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=2159827870144492042
Request Chain 239
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=cXd043r9gBI5ExKLi3r4&pi=gumgum&tc=1
Request Chain 246
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8632558477689808783
Request Chain 247
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUFFVN0E2TG9BQUNsQ0RkQ0dlUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUFFVN0E2TG9BQUNsQ0RkQ0dlUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&google_tc= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADPQU7A6LoAAClCDdCGeQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADPQU7A6LoAAClCDdCGeQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADPQU7A6LoAAClCDdCGeQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2775234367348692613 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADPQU7A6LoAAClCDdCGeQ
Request Chain 248
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950282577090246797
Request Chain 249
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yqhJN4Z7LycL2D3493WzWoTW
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XfBjPcDFTWmtIxMusijy1Q%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XfBjPcDFTWmtIxMusijy1Q%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 253
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 254
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&addseg=31
Request Chain 255
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=745b2dd7-cd87-48f1-9bdc-a9322ad5a237
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG4SaQDO9ZWs1Fevn-HO7YY&google_cver=1
Request Chain 257
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=510790275478677492
Request Chain 258
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:73346074-5d2a-4d00-87b6-ed527a72b28d&gdpr=0&gdpr_consent=
Request Chain 259
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3148030127967200618&gdpr=0&gdpr_consent=
Request Chain 260
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ba362b9e-f037-45d0-8d87-2a9076a061da HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ba362b9e-f037-45d0-8d87-2a9076a061da HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=7b942943-cb76-435a-a822-4246240e01f8&user_group=1&ssp=pubmatic&bsw_param=ba362b9e-f037-45d0-8d87-2a9076a061da HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=23&expires=14&user_id=7b942943-cb76-435a-a822-4246240e01f8&user_group=1&ssp=pubmatic&bsw_param=ba362b9e-f037-45d0-8d87-2a9076a061da HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9b1a8722-a16b-41db-b6f2-bfcdcc68cb56&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 262
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-FQrZA9dE2uXA7w.BCtzcK4Lpd.uGTS4-~A&gdpr=0&gdpr_consent=
Request Chain 263
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8
Request Chain 264
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4179163076408288839&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 265
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YHRdLQAAFppV2ABQ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHRdLQAAFppV2ABQ&gdpr=0&gdpr_consent=&_test=YHRdLQAAFppV2ABQ
Request Chain 266
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=1f547421-ceda-4bd9-99b2-c4e71189d36c-60745d2c-4348&gdpr=0&gdpr_consent=
Request Chain 267
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7c0dcf46-5bc8-4e6c-af82-d963e0a18262&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 271
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=fmx&bds_param=d381be2d-4deb-44a8-b3af-fabaa8abb167 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=151099de-33d1-4d17-974f-5dd24fbe5ebf&expires=10&ssp=fmx&bsw_param=d381be2d-4deb-44a8-b3af-fabaa8abb167 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=d381be2d-4deb-44a8-b3af-fabaa8abb167
Request Chain 272
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=685078084 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/745b2dd7-cd87-48f1-9bdc-a9322ad5a237 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003&dnr=1
Request Chain 273
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NjE0ZTAwYmE3NzA2NDFjOTlkMDcxZGNi
Request Chain 275
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=KNEPKTR4-18-B1EO&gdpr=0
Request Chain 290
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KNEPKTJT-1M-2WQ&ex=d-rubiconproject.com&status=ok
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPdLbRhHyeT2c_Fa24La5ec&google_cver=1
Request Chain 293
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KNEPKTJT-1M-2WQ&sigv=1&esig=2~17ee9ee7990a8e47c1b4ef6968dd1356275a15ea
Request Chain 294
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=73346074-5d2a-4d00-87b6-ed527a72b28d
Request Chain 297
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05FUEtUSlQtMU0tMldR
Request Chain 298
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTY4MGExY2MwYmEzMTVkYTVjMjc3MTAxOThlMGViOWI5N2VkMDk3Ng
Request Chain 299
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZCjKLsoF27Uc3_2HkYhinw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3634830960069199981
Request Chain 306
  • https://bcp.crwdcntrl.net/5/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times%20and%20democrat%22%7D/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times%20and%20democrat%22%7D/rt=ifr
Request Chain 314
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=f1308446-f116-4aad-a2c3-4ef65a6a431f
Request Chain 316
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid= HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid= HTTP 302
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=98318f44-558c-447b-b8d8-a6f9d0aec0c2
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2E3N2RhZGE1NGFlMzkyMDE3YmQwZmQwNTUxZmEzMWM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2E3N2RhZGE1NGFlMzkyMDE3YmQwZmQwNTUxZmEzMWM&google_tc=
Request Chain 319
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=ba3ed8a7-267b-4c02-8fb0-42112036e7d0-60745d33-4348

322 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thetandd.com/ 		495 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thetandd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
ca683475c6796632b98cd16969e64a3fe8720559809386da316ec2f053c6c397
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
thetandd.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 11:07:33 GMT
content-type
text/html; charset=UTF-8
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Apr 2021 11:07:33 GMT
x-robots-tag
noarchive
x-xrds-location
https://thetandd.com/tncms/xrds/
x-ua-compatible
IE=edge
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.93d1db0a57d520951552a1dcd8fd9aeb.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.3184e9304073379bbe4e2c6500858bb1.js>; rel=preload; as=script <https://cdn.cookielaw.org/scripttemplates/otSDKStub.js>; rel=preload; as=script
x-tncms
1.56.4; app10; 0.78s; 11M
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
etag
W/4ded76bfa43c60901849d8198212e46a
content-encoding
gzip
vary
X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
age
13104
cache-control
public, max-age=10
x-vcache
HIT
accept-ranges
bytes
content-length
64004
jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0785141e6461918363176bb595c118997a66d51af8338db5999308cd593cfebd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Wed, 09 Sep 2020 19:56:59 GMT
cf-request-id
096824f6da00002325a3270000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f59338b-18813"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd15fcc2325-ZRH
expires
Sat, 20 Nov 2021 08:35:48 GMT
user.js
thetandd.com/shared-content/art/tncms/user/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetandd.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
0230e8c67f568c29bfa2d9756f6e9f79ca6a375d99cbeb54bf09c35fb9e525c4

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:43:25 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 20:52:35 GMT
age
153
etag
W/"60395f93-1891"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
2304
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
cf-request-id
096824f6d900002325a3beb000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd15fca2325-ZRH
expires
Sun, 07 Nov 2021 09:04:41 GMT
common.5ee3960b4d37bc106988fa535b393865.js
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Thu, 05 Nov 2020 18:39:55 GMT
cf-request-id
096824f6e500002325b0357000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fa446fb-8a06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd168022325-ZRH
expires
Sun, 07 Nov 2021 07:37:39 GMT
tnt.1477faac295a3745e4796d2263e75f11.js
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
560357e94ad4e3f3e2199cdecaaf8d339f35d97ec03de8b875eef2bbd80b43fb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Fri, 23 Oct 2020 13:08:14 GMT
cf-request-id
096824f6e600002325b506a000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5be-1bf3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd1680a2325-ZRH
expires
Fri, 05 Nov 2021 05:59:13 GMT
application.93d1db0a57d520951552a1dcd8fd9aeb.js
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.93d1db0a57d520951552a1dcd8fd9aeb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c4e85fab99165f7d8a912f21ae8d691b6a96049780d96e174e6394e09384ca
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Fri, 23 Oct 2020 13:08:14 GMT
cf-request-id
096824f6d800002325b5066000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5be-f5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd15fc12325-ZRH
expires
Fri, 05 Nov 2021 07:23:38 GMT
tnt.navigation.accessibility.3184e9304073379bbe4e2c6500858bb1.js
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.3184e9304073379bbe4e2c6500858bb1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0eaf21fe4084cc7105e771f57731abe41a4d647a4879dea141885fcc3096b2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Fri, 29 Jan 2021 17:55:48 GMT
cf-request-id
096824f6e800002325c8bc7000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
W/"60144c24-925"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd16ffb2325-ZRH
expires
Wed, 02 Feb 2022 20:01:19 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e409af4e2cd960258ebce74a7af470632e2fa44a18cbc2e49da7f098a3c572c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JAEaYPmlzGBPWdORjSAaYw==
age
3791
vary
Accept-Encoding
content-length
5617
cf-request-id
096824f6a400004dca48001000000001
x-ms-lease-status
unlocked
last-modified
Mon, 29 Mar 2021 02:12:23 GMT
server
cloudflare
etag
0x8D8F2581726E85D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0c6caa1d-301e-00dd-7e1e-278b48000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
63ed3dd10c9c4dca-FRA
bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Fri, 23 Oct 2020 13:08:03 GMT
cf-request-id
096824f6d200002325a18ac000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5b3-1ab8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd14f972325-ZRH
expires
Fri, 05 Nov 2021 05:16:47 GMT
layout.78b0163131a0eb95aef899d56f817c34.css
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		130 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.78b0163131a0eb95aef899d56f817c34.css
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae782b53efa1b7d46d0e4563053479064f75accccc10bf1df20955a79b5686fb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Wed, 24 Mar 2021 18:04:05 GMT
cf-request-id
096824f6d600002325be26a000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
W/"605b7f15-209cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd15fac2325-ZRH
expires
Wed, 30 Mar 2022 19:01:19 GMT
lee.ds.css
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/ 		63 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1617778982
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6bc5ccc0d04e6ccfbecd2bd5775b3604995e5196b4e08c179d0885e7e94925
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Wed, 07 Apr 2021 07:03:02 GMT
cf-request-id
096824f6d300002325c5952000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"606d5926-fc8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd15fa82325-ZRH
expires
Thu, 07 Apr 2022 07:08:31 GMT
flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Fri, 23 Oct 2020 13:10:04 GMT
cf-request-id
096824f6d8000023259f209000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d62c-189c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd14fa32325-ZRH
expires
Fri, 05 Nov 2021 04:55:47 GMT
owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
63ed3dd15fbd2325-ZRH
last-modified
Thu, 05 Nov 2020 18:41:24 GMT
cf-request-id
096824f6da00002325c8bc4000000001
x-vcache
MISS
server
cloudflare
etag
W/"5fa44754-12b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 06 Nov 2021 09:52:18 GMT
cc.js
tags.crwdcntrl.net/c/6894/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/6894/cc.js?ns=_cc6894
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-79.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 12 Apr 2021 14:11:21 GMT
content-encoding
gzip
last-modified
Tue, 15 Dec 2020 16:50:47 GMT
server
AmazonS3
age
2077
etag
W/"8cd042d9f203fe2e01747c7444f95498"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
QtSiR6aGT2PAtkhcjEbFSxJZ2pV9wH2J_jieVeNqFKDJA0TWkRlivw==
user-controls.578df3df79d812af55ab13bae47f9857.js
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		517 B
439 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Mon, 16 Nov 2020 16:04:41 GMT
cf-request-id
096824f82d00002325b11f9000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fb2a319-205"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd37d6d2325-ZRH
expires
Sat, 20 Nov 2021 08:35:49 GMT
owl.carousel.66c591eb93f177b0f59892f361c3b1b4.js
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.66c591eb93f177b0f59892f361c3b1b4.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
372942d78c26534b977fdcd8ab0969e899bd5b12482acb12f6062547bbed6afe
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
63ed3dd37d6f2325-ZRH
last-modified
Fri, 23 Oct 2020 13:08:45 GMT
cf-request-id
096824f83000002325c60ed000000001
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5dd-9fc4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 03 Nov 2021 08:35:11 GMT
tnt.notify.6e1ca8839e8a715fdecb1c734223823a.js
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.6e1ca8839e8a715fdecb1c734223823a.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb4ce8dea8b26080f3627d5b398b131b8f59a280ec18f07e959b9c7583e061a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Mon, 16 Nov 2020 16:04:38 GMT
cf-request-id
096824f82e00002325da343000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fb2a316-de1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd37d742325-ZRH
expires
Sat, 20 Nov 2021 08:44:00 GMT
tnt.notify.panel.1c7debce90f6bd1a3d679d0176d3712a.js
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.1c7debce90f6bd1a3d679d0176d3712a.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c4c258f6e24e9861dd7cc3ae5d823e0c09a243f9e671cabbfed9b2be2825085
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Fri, 23 Oct 2020 13:08:15 GMT
cf-request-id
096824f82e00002325d6845000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5bf-19fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd37d782325-ZRH
expires
Fri, 05 Nov 2021 05:59:13 GMT
firebase-app.js
www.gstatic.com/firebasejs/6.6.2/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 13:22:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Sep 2019 21:11:52 GMT
server
sffe
age
5037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3945
x-xss-protection
0
expires
Tue, 12 Apr 2022 13:22:01 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/6.6.2/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 12:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Sep 2019 21:11:54 GMT
server
sffe
age
353224
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8653
x-xss-protection
0
expires
Fri, 08 Apr 2022 12:38:54 GMT
messaging.js
thetandd.com/shared-content/art/tncms/api/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetandd.com/shared-content/art/tncms/api/messaging.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:43:30 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 20:52:35 GMT
age
148
etag
W/"60395f93-11aa"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
1259
service-worker-allowed
/
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		198 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Thu, 05 Nov 2020 18:41:10 GMT
cf-request-id
096824f6e700002325a908a000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fa44746-c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd1680d2325-ZRH
expires
Sat, 06 Nov 2021 08:30:23 GMT
tracking.js
thetandd.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetandd.com/shared-content/art/tncms/tracking.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
f95fe1c0376aa720a01267e70fb42a259d610fa9fa66f78e7fc629f9bd835c43

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:42:43 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 20:52:35 GMT
age
195
etag
W/"60395f93-a4c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
1150
service-worker-allowed
/
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YyyuJSQqC/IlFtjhtrYhpg==
age
5972
vary
Accept-Encoding
cf-request-id
096824f7ba00004dcad2bde000000001
x-ms-lease-status
unlocked
last-modified
Wed, 03 Mar 2021 08:12:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
43f20523-e01e-007e-7e06-104729000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
63ed3dd2b9954dca-FRA
fontawesome.edd147e4c2830f416874012247117438.js
bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		252 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.edd147e4c2830f416874012247117438.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffa8814637fab7a454e06a6403a650615c04044d4f881b04ffdfcdc1395d98da
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Thu, 05 Nov 2020 18:40:11 GMT
cf-request-id
096824f82e00002325bf0dc000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fa4470b-3f1a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd37d7c2325-ZRH
expires
Sat, 06 Nov 2021 06:21:01 GMT
tracker.js
thetandd.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetandd.com/shared-content/art/stats/common/tracker.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
94afb4609cd5d95128057b67ee0ef36f867bacc074b6e116d874ed8b0852b73f

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:42:43 GMT
content-encoding
gzip
last-modified
Thu, 03 Dec 2020 17:41:07 GMT
age
195
etag
W/"5fc92333-2242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
3240
service-worker-allowed
/
thetandd.com.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/thetandd.com.png?_dc=Apr.Mon.2021
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d21f3da0ac7ca1f1bd53bbf18b0a0eb36937eb79c30d7fe73ef6a7d02d4843
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
cf-cache-status
HIT
age
21479
last-modified
Wed, 25 Sep 2019 23:11:20 GMT
strict-transport-security
max-age=604800
content-length
9380
cf-request-id
096824f82f000023258e060000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5d8bf418-24a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3dd37d7e2325-ZRH
expires
Tue, 12 Apr 2022 04:00:30 GMT
9494352c-486e-11ea-b290-535df76c9f6c.png
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/custom/image/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/custom/image/9494352c-486e-11ea-b290-535df76c9f6c.png
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8395ed637e3472787ed6661f11ad576d67676410e7fcc7cd92093ee650406ce8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
cf-cache-status
HIT
age
50615
last-modified
Wed, 05 Feb 2020 23:23:56 GMT
strict-transport-security
max-age=604800
content-length
1427
cf-request-id
096824f83200002325be28e000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5e3b4e8c-593"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3dd37d812325-ZRH
expires
Sat, 20 Nov 2021 08:44:00 GMT
8bccf726-486e-11ea-b290-23ca3e88d14b.png
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/custom/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/custom/image/8bccf726-486e-11ea-b290-23ca3e88d14b.png?resize=640%2C56
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bebee8ef2df3352f845aa1d99046f71c4859eb991d3244c9f609b9294051377
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Wed, 05 Feb 2020 23:23:41 GMT
content-length
4965
cf-request-id
096824f83100002325c4264000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
"ac61e9a960f900bcfcf853a306b342bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3dd37d822325-ZRH
expires
Wed, 02 Feb 2022 20:05:18 GMT
/
protesidenext.com/metric/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protesidenext.com/metric/?mid=&wid=52131&sid=&tid=6270&rid=LOADED&custom1=leemun-tcmsv3.mun.leeent.net&custom2=%2Forangeburg2.local%2Ftncms%2Fadmin%2Faction%2Feditorial-as&t=1569869820753
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.149.248.141 , Netherlands, ASN59711 (HZ-EU-AS, BG),
Reverse DNS
oily-ancre.tastesthyme.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:45:58 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
protesidenext.com/metric/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protesidenext.com/metric/?mid=&wid=52131&sid=&tid=6270&rid=BEFORE_OPTOUT_REQ&t=1569869820753
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.149.248.141 , Netherlands, ASN59711 (HZ-EU-AS, BG),
Reverse DNS
oily-ancre.tastesthyme.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:45:58 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
protesidenext.com/metric/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protesidenext.com/metric/?mid=&wid=52131&sid=&tid=6270&rid=FINISHED&custom1=leemun-tcmsv3.mun.leeent.net&t=1569869820755
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.149.248.141 , Netherlands, ASN59711 (HZ-EU-AS, BG),
Reverse DNS
oily-ancre.tastesthyme.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:45:58 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ac4422cc-486e-11ea-b290-3788d082f265.png
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/custom/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/custom/image/ac4422cc-486e-11ea-b290-3788d082f265.png?resize=400%2C35
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
833b26c34d305011a00b49abb4dcae648a84beae817cc24b0e53e904bb6726b0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Wed, 05 Feb 2020 23:24:36 GMT
content-length
3157
cf-request-id
096824f82f000023258fb2b000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"ea28ead6d390a39ed444608d82193c3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3dd37d872325-ZRH
expires
Sat, 20 Nov 2021 08:43:28 GMT
op.js
tagan.adlightning.com/leeenterprises/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/op.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef2310d57fb0b5d975ad4979ac418f3df99306637f41fb9e345fad68673932ec

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Rp9YXxd.c1CgcU3tFJFw190.akx33Mle
content-encoding
gzip
etag
"e2f0555c6861b1c08c55f2848e698f17"
age
2911
x-cache
Hit from cloudfront
content-length
14244
x-amz-meta-git_commit
49c6f47
last-modified
Sun, 11 Apr 2021 17:36:52 GMT
server
AmazonS3
date
Mon, 12 Apr 2021 13:58:05 GMT
content-type
application/javascript
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
PnTVgmApIMtWJZu_3gF6FSI_d37xkbEWuD8cjlXRIiTCoqkPy0Y8tw==
dfp.lazy.min.js
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.min.js?_dc=1617778982
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79456b94ef17205d2e7ce09158c3c97e909feb47209e69b0590d7951759849c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
50615
last-modified
Wed, 07 Apr 2021 07:03:02 GMT
cf-request-id
096824f79900002325c6b9d000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"606d5926-1292"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd28acc2325-ZRH
expires
Thu, 07 Apr 2022 07:08:35 GMT
gtm.js
www.googletagmanager.com/ 		154 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b0ae23912164907794863c08ca63f1cbcb091dbf396062e34ac11a883fdf7b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51773
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Apr 2021 14:45:58 GMT
loader.js
contributor.google.com/scripts/b765fd5c002b8ec/ 		105 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contributor.google.com/scripts/b765fd5c002b8ec/loader.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4d3e2297ba547a0ed111d7fb3ec14f189d47d3f565c68a089b6492357d811da5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6PIl3biUrx12XhEIe8dF0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-6PIl3biUrx12XhEIe8dF0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private, max-age=86400
content-security-policy
script-src 'report-sample' 'nonce-6PIl3biUrx12XhEIe8dF0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-6PIl3biUrx12XhEIe8dF0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:45:59 GMT
AGSKWxWx7yQUhe008vdbx7qOwWhCKmR-osSuFC3DDyvCm_K_nNMTjE2EGmV28JFHdjHcINdbHwRu0oRU4n5mb0jEyQ==
fundingchoicesmessages.google.com/f/ 		83 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWx7yQUhe008vdbx7qOwWhCKmR-osSuFC3DDyvCm_K_nNMTjE2EGmV28JFHdjHcINdbHwRu0oRU4n5mb0jEyQ==
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0381d5fc285c2750f0de064e454da03e26e0cbb5595423394f7eaab2b916bb68
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uYhhsvAYdGAAwflh539CVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-uYhhsvAYdGAAwflh539CVQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-uYhhsvAYdGAAwflh539CVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-uYhhsvAYdGAAwflh539CVQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
e3b71c8eb784f14ca78c3f0e5d765f056b81d93bcef2a8716de1dcf0eb806837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"840 / 186 of 1000 / last-modified: 1618225707"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20454
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:45:58 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
Server /
Resource Hash
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GYObFiYQFsAPpwZjonnhqGiTvSP1inUf
content-encoding
gzip
server
Server
age
59670
etag
9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a69bfd4d39a9b992855d914318a2c367.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
date
Sun, 11 Apr 2021 22:11:28 GMT
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
g7yFonyMPR8oVzOIdT9mcZ7S8bo-0f8AkvAgIkkZBaZZvrUP97_6og==
3a58c872-918a-4ad6-a35d-dcbda42c1778.json
cdn.cookielaw.org/consent/3a58c872-918a-4ad6-a35d-dcbda42c1778/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/3a58c872-918a-4ad6-a35d-dcbda42c1778/3a58c872-918a-4ad6-a35d-dcbda42c1778.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
979d15ae538003193bb2c06d9ac3d9d5ed77760ceccd668d4523eb5a62a89e0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
+wZti92dsySxwAX6vpJ+GA==
age
3826
vary
Accept-Encoding
content-length
1158
cf-request-id
096824f7c50000dfada609c000000001
x-ms-lease-status
unlocked
last-modified
Thu, 24 Sep 2020 18:46:21 GMT
server
cloudflare
etag
0x8D860BA218D1FE8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e2b3173a-e01e-00b9-069d-b53be8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
63ed3dd2ce34dfad-FRA
tracker.gif
thetandd.com/shared-content/art/stats/common/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thetandd.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_upage=1&tnms_do=thetandd.com&tnms_uri=/&tnms_ref=&rt=1618238758832
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
age
0
etag
"48f79fed-0"
x-vcache
MISS
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
survey
survey.g.doubleclick.net/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.g.doubleclick.net/survey?site=_t7orrvobbhqwfiaws5jy6cfe3m&url=https%3A%2F%2Fthetandd.com%2F&cid=everything&random=1618238758832
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
cada4c310ba69f80769bdeb2e3422dae0667f2fbd174e359357ec3539dc60027
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, no-cache, must-revalidate, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
vary
*
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		162 B
519 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
63ed3dd31e8ad711-FRA
cf-request-id
096824f7ee0000d71118bd6000000001
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		164 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
63ed3dd31e8dd711-FRA
cf-request-id
096824f7ef0000d711fc89b000000001
prompt_embed_static.js
survey.g.doubleclick.net/insights/consumersurveys/static/434302629109546164/ 		391 KB
391 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.g.doubleclick.net/insights/consumersurveys/static/434302629109546164/prompt_embed_static.js
Requested by
Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_t7orrvobbhqwfiaws5jy6cfe3m&url=https%3A%2F%2Fthetandd.com%2F&cid=everything&random=1618238758832
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d92c8a0b4ceb376dbf74b59d3bd82c3dfeced00dcf23f4d2e509af7967b772f2

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 11 Apr 2021 17:42:37 GMT
last-modified
Thu, 08 Apr 2021 17:14:08 GMT
server
Google Frontend
age
75801
content-type
application/javascript
x-cloud-trace-context
64c475ccccfa68157aa1b45389b70453
cache-control
public, max-age=2592000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
400143
integrator.sync.js
adservice.google.de/adsid/ 		111 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=thetandd.com
Requested by
Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_t7orrvobbhqwfiaws5jy6cfe3m&url=https%3A%2F%2Fthetandd.com%2F&cid=everything&random=1618238758832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da46bc766028c67f94e34c39ecf0c36513fd5ffffe1e126ce09908ebcd671eb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
6764
date
Mon, 12 Apr 2021 12:53:14 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Mon, 12 Apr 2021 14:53:14 GMT
gtm.js
www.googletagmanager.com/ 		88 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b216e7e1a620a48666a253b955521ab77ad64e97291ea2986f0d92ded0c557b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33001
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Apr 2021 14:45:58 GMT
AGSKWxXef4f1ObFVhsO4OBnpbTX6XSexCNq_NdQjWD5tiNpKldO8lRLz17VQWIg35aRp7b9cqdTOaNfdLdczHKr_EQ==
fundingchoicesmessages.google.com/l/ 		0
829 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxXef4f1ObFVhsO4OBnpbTX6XSexCNq_NdQjWD5tiNpKldO8lRLz17VQWIg35aRp7b9cqdTOaNfdLdczHKr_EQ==?pvid=90C81C80-5A5D-4C04-9915-55930FED53A3&anonid=81B7ED04-D5E9-4214-890A-5D1E8A896BEB
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.YUjkjesoJec.es5.O/d=1/ct=zgms/rs=AJlcJMxjDkCu6KolvhcrdnEDiAADzy6X-Q/m=loader_js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mnGIQcyTRgf7gu31AKDi5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-mnGIQcyTRgf7gu31AKDi5A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-mnGIQcyTRgf7gu31AKDi5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-mnGIQcyTRgf7gu31AKDi5A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXqOIGFXzSixjGDS-WzIsIc4U1hFFR5a0NClrEjeN7xwdRtA7mAP04eUsWTZVgLHOGUfCL8rodbVlMbW7BDkQ==
fundingchoicesmessages.google.com/f/ 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXqOIGFXzSixjGDS-WzIsIc4U1hFFR5a0NClrEjeN7xwdRtA7mAP04eUsWTZVgLHOGUfCL8rodbVlMbW7BDkQ==?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE4MjM4NzU5LDU5MDAwMDAwXSwiOTBDODFDODAtNUE1RC00QzA0LTk5MTUtNTU5MzBGRUQ1M0EzIiwiODFCN0VEMDQtRDVFOS00MjE0LTg5MEEtNUQxRThBODk2QkVCIixudWxsLFtudWxsLFs3XV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.YUjkjesoJec.es5.O/d=1/ct=zgms/rs=AJlcJMxjDkCu6KolvhcrdnEDiAADzy6X-Q/m=loader_js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ceb064fe37f9622441fdeafeb3e5834c5e92695293edd14b661fc36b4f8046be
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X7QUcchenrS6PAiY9OOyuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-X7QUcchenrS6PAiY9OOyuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-X7QUcchenrS6PAiY9OOyuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-X7QUcchenrS6PAiY9OOyuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 13:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2797
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:59:22 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thetandd.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
pubads_impl_2021040802.js
securepubads.g.doubleclick.net/gpt/ 		294 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
bc542b1a6b82e2ec539fae662e4d5cad3bd8db4f0a2f1d7a28477da16b6c3973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 18:01:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105846
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:45:59 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 19:17:20 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
70120
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 445645406967c3b88124f0bfd26a1030.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
7iFFsAmE5Ql-s7D1y_7vkp_d7OWodncw7AogAyiU_XL3rutpFLtjnA==
prompt
survey.g.doubleclick.net/gk/ 		0
281 B 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.g.doubleclick.net/gk/prompt?site=_t7orrvobbhqwfiaws5jy6cfe3m&t=1&url=https%3A%2F%2Fthetandd.com%2F&cid=everything&random=1618238758890&ref=&token=
Requested by
Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_t7orrvobbhqwfiaws5jy6cfe3m&url=https%3A%2F%2Fthetandd.com%2F&cid=everything&random=1618238758832
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-why
UserPrivacyInfo does not meet requirements to be served (LAT and/or OPT_OUT modifier).
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Apr 2021 14:45:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
checksub
contributor.google.com/scripts/b765fd5c002b8ec:D:5a4b70a99c19382b/ 		392 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://contributor.google.com/scripts/b765fd5c002b8ec:D:5a4b70a99c19382b/checksub
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorTargetingClientJs.en_US.DQDRKonwTrw.es5.O/d=1/ct=zgms/rs=AJlcJMwWbvLfFGq7mqBjMjhYS-jHiHpqhQ/m=contributor
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c09a7c9c1fd039e9fa1d8e0f5055a93da6c7cfac52d90f7bd29753bcd1a08308
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UH38Po8d+aoWbYwoga+MUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-UH38Po8d+aoWbYwoga+MUQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-UH38Po8d+aoWbYwoga+MUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-UH38Po8d+aoWbYwoga+MUQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thetandd.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
614abd80fb95da33431e2745c37c75afc24fbd9cda048d740e2fa068fa3096f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50484
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:45:59 GMT
gtm.js
www.googletagmanager.com/ 		345 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a45e919dbddfcebb90632a86e640e4e9f6abc4c5c4bcb52fee3eea499d59d957
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79886
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Apr 2021 14:45:59 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.6.0/ 		338 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xs4BplpA7QV+zkRYpo3+wA==
age
4775868
vary
Accept-Encoding
content-length
73082
cf-request-id
096824f90900004dca3d33a000000001
x-ms-lease-status
unlocked
last-modified
Thu, 10 Sep 2020 01:36:33 GMT
server
cloudflare
etag
0x8D85529F2EBAD26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
75e8843e-f01e-00e2-2e3a-043c94000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
63ed3dd4df484dca-FRA
expires
Tue, 20 Apr 2021 14:45:59 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-54716522-7&cid=1276900474.1618238759&jid=145673615&gjid=535630084&_gid=1396226216.1618238759&_u=aGBAgUALAAQCAE~&z=1511050138
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 12 Apr 2021 14:45:59 GMT
content-type
text/plain
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=381422355&t=pageview&_s=1&dl=https%3A%2F%2Fthetandd.com%2F&ul=en-us&de=UTF-8&dt=First%20In%20Local%20News%2C%20Sports%20%26%20Weather%20%7C%20Your%20First.%20Best.%20source%20for%20news&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUALAAQC~&jid=145673615&gjid=535630084&cid=1276900474.1618238759&tid=UA-54716522-7&_gid=1396226216.1618238759&gtm=2wg3v0PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fthetandd.com%2F&cd16=No&cd17=Page%20View&cm1=773&z=2031792684
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16941
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
serif-ds.woff2
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/images/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/images/serif-ds.woff2
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1617778982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Origin
https://thetandd.com
Referer
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1617778982
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
cf-cache-status
HIT
age
50615
last-modified
Mon, 02 Nov 2020 19:43:11 GMT
strict-transport-security
max-age=604800
content-length
26164
cf-request-id
096824fa550000cc36f0a4a000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5fa0614f-6634"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3dd6e953cc36-ZRH
expires
Sat, 06 Nov 2021 10:33:30 GMT
6073aacfa3f44.preview-620.jpg
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/eedition/c/9a/c9a912ee-5253-55d1-935a-8908642d4312/ 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/eedition/c/9a/c9a912ee-5253-55d1-935a-8908642d4312/6073aacfa3f44.preview-620.jpg?resize=620%2C1296
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc85a850ca2834c97ff32f71e3ee40ac6e695fe0d89d0d4498072b43c7465f84
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Mon, 12 Apr 2021 02:05:03 GMT
cf-bgj
h2pri
cf-request-id
096824fafb00002325a385d000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"d5fea63e44d676c043606505617a0a98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd7ff222325-ZRH
expires
Tue, 12 Apr 2022 04:03:48 GMT
606dd1255e9db.preview.jpg
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/5/25/525fc67e-10c4-50f5-a115-613b2e4dbe43/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/5/25/525fc67e-10c4-50f5-a115-613b2e4dbe43/606dd1255e9db.preview.jpg?crop=1024%2C576%2C0%2C40&resize=150%2C84&order=crop%2Cresize
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4974b8aad56c0ccd033a6c99fa174c69a0e90d82101cd4141227ad98cd25e56
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
cf-cache-status
HIT
last-modified
Wed, 07 Apr 2021 15:35:01 GMT
strict-transport-security
max-age=604800
content-length
6855
cf-request-id
096824fafd00002325bf11e000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
"0b8b07da18f00a1c5d4f08600bcd8e76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 10 Apr 2022 17:36:08 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3dd7ff232325-ZRH
cf-bgj
h2pri
6042aa40e18de.preview.jpg
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/3/5b/35be62e0-7dfe-11eb-8787-478d890612a9/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/3/5b/35be62e0-7dfe-11eb-8787-478d890612a9/6042aa40e18de.preview.jpg?crop=176%2C99%2C0%2C0&resize=150%2C84&order=crop%2Cresize
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d78c5129bfc297d770232083790b2badd5b043f88a8cc1df0fe08951c050841
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
cf-cache-status
HIT
last-modified
Fri, 05 Mar 2021 22:01:36 GMT
strict-transport-security
max-age=604800
content-length
4820
cf-request-id
096824fafb00002325c6be3000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
"6ba6924d58b0252199dd89db485661da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 05 Mar 2022 22:12:53 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3dd7ff252325-ZRH
cf-bgj
h2pri
6062c570ee0d8.image.png
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/5/d2/5d2b2309-39ff-5243-bdcd-2d5001d5698a/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/5/d2/5d2b2309-39ff-5243-bdcd-2d5001d5698a/6062c570ee0d8.image.png?crop=1116%2C628%2C41%2C0&resize=150%2C84&order=crop%2Cresize
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb3e3a7c7a185a0784f0e831948e3ee4f62643c684398e1606c1b4e805c6d69a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
63ed3dd7ff262325-ZRH
last-modified
Tue, 30 Mar 2021 06:30:09 GMT
cf-request-id
096824fafb00002325dc868000000001
x-vcache
MISS
server
cloudflare
etag
"b1163b94de708e4da427910fe6c70f97"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 30 Mar 2022 06:43:36 GMT
605380ed0529e.preview.png
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/2/a4/2a443e02-3373-5387-b39d-dcb3c000b455/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/2/a4/2a443e02-3373-5387-b39d-dcb3c000b455/605380ed0529e.preview.png?resize=150%2C84
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31df40fb5c434b6b1800863907d810445058480440381cb09dc0689abb96071b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
63ed3dd7ff272325-ZRH
last-modified
Thu, 18 Mar 2021 16:33:49 GMT
cf-request-id
096824fafb00002325b3119000000001
x-vcache
MISS
server
cloudflare
etag
"5729a4a69bbb6b018c509ecf6c4bef66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Tue, 29 Mar 2022 11:28:05 GMT
6070a127e7aa6.image.jpg
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/2/8f/28f185e4-a61c-50cb-839a-3121abee7c6e/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/2/8f/28f185e4-a61c-50cb-839a-3121abee7c6e/6070a127e7aa6.image.jpg?crop=1552%2C873%2C0%2C231&resize=750%2C422&order=crop%2Cresize
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc052506da8c4b92deff53733b1d7e388a0332dab4ed083c9b1543356dceb623
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Fri, 09 Apr 2021 18:47:04 GMT
cf-bgj
h2pri
cf-request-id
096824fafc00002325b88e7000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"9bcdc16a22e10180b2806546f3d8f51d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dd7ff292325-ZRH
expires
Mon, 11 Apr 2022 20:08:12 GMT
5f11a8ca810e8.image.jpg
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/7/e8/7e87c815-3c29-5327-86b7-895dc581176f/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/7/e8/7e87c815-3c29-5327-86b7-895dc581176f/5f11a8ca810e8.image.jpg?crop=1152%2C648%2C0%2C60&resize=225%2C127&order=crop%2Cresize
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e101363edc366bfe0de28664c8e9323a340a49d8c3669d91ca59575edf1c5fa
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Jul 2020 13:34:02 GMT
strict-transport-security
max-age=604800
content-length
6303
cf-request-id
096824fafc00002325d688f000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"2fa6e98102d582fadfc886d99c6ebcbc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 30 Mar 2022 18:46:40 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3dd7ff2a2325-ZRH
cf-bgj
h2pri
606f4c9acbdf1.image.jpg
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/6/06/60632c26-9b13-5e98-b225-f1cf0f35f06a/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/6/06/60632c26-9b13-5e98-b225-f1cf0f35f06a/606f4c9acbdf1.image.jpg?crop=1763%2C992%2C0%2C91&resize=225%2C127&order=crop%2Cresize
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f87de0babb3f2d86e6e0f6aed72720f81a9ad57cc156cfd14e076fcb7df3f2f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Apr 2021 18:34:02 GMT
strict-transport-security
max-age=604800
content-length
8034
cf-request-id
096824fafc00002325de14a000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
"19cdba13f361e64da158bf0000f4e315"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 11 Apr 2022 14:08:26 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3dd7ff2b2325-ZRH
cf-bgj
h2pri
en.json
cdn.cookielaw.org/consent/3a58c872-918a-4ad6-a35d-dcbda42c1778/75787057-4552-493b-aa72-b303111d8f91/ 		14 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/3a58c872-918a-4ad6-a35d-dcbda42c1778/75787057-4552-493b-aa72-b303111d8f91/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f7ab449546fa27ef6f8c99baa13a8946cacda3c0130db05015ccd5176e4ce71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
6ZpUzrcYrVwLx6xzWcIeHg==
age
1269
vary
Accept-Encoding
content-length
4839
cf-request-id
096824fafc0000dfad738ea000000001
x-ms-lease-status
unlocked
last-modified
Thu, 24 Sep 2020 18:46:25 GMT
server
cloudflare
etag
0x8D860BA23BCEAE8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
eed1648a-e01e-0018-0a12-06f573000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
63ed3dd7f8f6dfad-FRA
collect
www.google-analytics.com/g/ 		0
119 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NFTGWT90ER&gtm=2oe3v0&_p=381422355&sr=1600x1200&ul=en-us&cid=1276900474.1618238759&_s=1&dl=https%3A%2F%2Fthetandd.com%2F&dt=First%20In%20Local%20News%2C%20Sports%20%26%20Weather%20%7C%20Your%20First.%20Best.%20source%20for%20news&sid=1618238759&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.application=editorial&ep.theme=flex&ep.skin_name=flex-editorial&ep.subscription_required=No&epn.blox_render_time=773&up.logged_in=No
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:45:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3747e8bc748af689d64eb87ca37cb85a7586fed5250b27628efcb4827a69f2f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50400
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:45:59 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 13:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2796
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:59:23 GMT
sp-gzip-2-17-3.js
storage.googleapis.com/lee-snowplow/static/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:19:03 GMT
content-encoding
gzip
age
1616
x-guploader-uploadid
ABg5-Uyk68uhecOKvFj9OpEdkqxrBYw4aFv9Azso5RPrYbFR1GTbd9oegbFEoY1Izr7ZHUSTIJr7acqq-vNZpnExTSI
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26950
x-goog-meta-
last-modified
Thu, 18 Feb 2021 15:16:40 GMT
server
UploadServer
etag
"d3142accd3f370a95f561f0fbfb3114b"
vary
Accept-Encoding
x-goog-hash
crc32c=C/nZJQ==, md5=0xQqzNPzcKlfVh8Pv7MRSw==
x-goog-generation
1613661400000346
cache-control
max-age=31536000
x-goog-stored-content-length
26950
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 12 Apr 2022 14:19:03 GMT
fbevents.js
connect.facebook.net/en_US/ 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23784
x-fb-rlafr
0
pragma
public
x-fb-debug
2LfCtL5snCSqYWV7boYReTC/VGYdocuLCqPeIvQ+/FVTHXKzqIrTKIds0VyxHcuFvoyMvHmrLYsT9IbTuZbBdQ==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 12 Apr 2021 14:46:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
i99g3gee.js
d81mfvml8p5ml.cloudfront.net/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:5400:2:36a1:2f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c9a2d086d47148ae23b40fb16fa13a5bd578e40aa7ee5acabd1ad9d3c958ecf

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:59 GMT
content-encoding
br
last-modified
Thu, 01 Apr 2021 19:24:40 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
W/"d5439e10177501ec79fe34fba97cb263"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-id
kKlayi9BpsS-PRJRRT9diq2KGKBT3attiqGmI2HPcO1wW_Juj3BtrA==
ml.br.js
js.matheranalytics.com/static/ltm/ma1527/lee/3/
Redirect Chain
  • https://js.matheranalytics.com/s/ma1527/725149337/lee/ml.js?cb=1561
  • https://js.matheranalytics.com/static/ltm/ma1527/lee/3/ml.br.js
139 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma1527/lee/3/ml.br.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
2c77519cfdb3f918d4e3b9f39bd2f296779e6269476bfe2be98d3eaa6cc8b183

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 19:30:36 GMT
content-encoding
br
last-modified
Fri, 12 Feb 2021 02:56:54 GMT
server
nginx
age
69324
etag
"21ae5ab1f3e0505cd90d1798478d0190"
vary
Accept-Encoding
x-cache
HIT Fri, 12 Feb 2021 03:10:04 GMT
content-type
application/x-javascript
via
1.1 google
cache-control
public,max-age=3600
alt-svc
clear
content-length
41322

Redirect headers

date
Mon, 12 Apr 2021 14:45:59 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma1527/lee/3/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
4-gc-euw1-10921
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 13 Apr 2021 14:46:00 GMT
a-0197.min.js
b-code.liadm.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-0197.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:243a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a788e771899c0a361f0036a49158d6e1ae49b19b8a39d76e7b24ac3cd163a2e3

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 14:35:08 GMT
etag
"53c96a1ad1e1e9b9ec86e9077b6398ce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3546
accept-ranges
bytes
content-length
9831
b-49c6f47-a8e4a288.js
tagan.adlightning.com/leeenterprises/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-49c6f47-a8e4a288.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
147afdb9e2f4d21b2e7914ba0a21bf2bbdf2f47f7c8fd7863f5ee7dfa8f6c1da

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 19:32:00 GMT
content-encoding
gzip
age
587641
x-cache
Hit from cloudfront
content-length
23044
x-amz-meta-git_commit
49c6f47
last-modified
Mon, 05 Apr 2021 19:30:29 GMT
server
AmazonS3
etag
"3a3b32eec4dfc1d6be0dab66c82438fa"
x-amz-version-id
8xf6FYQjb5rzEOFwGeQoTNT0c0Nk25Jg
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
XCGdRqEMVBBM3OzRh3Ht8aNkU_k6MCSRuOHImmhE5BfIQhVc16Koqw==
bl-49c6f47-9fc0ee63.js
tagan.adlightning.com/leeenterprises/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/bl-49c6f47-9fc0ee63.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7dcff030428604b923eb339d30145440d9f25ec9444f1e03f7fcc5d4c1aae84

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 17:55:46 GMT
content-encoding
gzip
age
75015
x-cache
Hit from cloudfront
content-length
15841
x-amz-meta-git_commit
49c6f47
last-modified
Sun, 11 Apr 2021 17:36:00 GMT
server
AmazonS3
etag
"f655c06e5bda04775721dd934890eb5b"
x-amz-version-id
d0uHufGs9gh9HHD15iwK_4r0Rfh2sUT5
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
L6_V67psvs83BgKUbHma6QqGh1zgweLvosR1LhOZ65QaA0euAe3udA==
bid
c.amazon-adsystem.com/e/dtb/ 		164 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3266&u=https%3A%2F%2Fthetandd.com%2F&pid=zLOLxsIL8OEY0&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8438%2Fthetandd.com%2Fhomepage%22%7D%5D&pj=%7B%22sections%22%3A%22%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
Server /
Resource Hash
441c6f5720c9103286378a33b798aaf01838ce5317eadaec152094b12cfa51ed

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
HAM50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thetandd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
156
via
1.1 a69bfd4d39a9b992855d914318a2c367.cloudfront.net (CloudFront)
x-amz-cf-id
ULvZW10R4zKMPiQq6EFekgysVwFZGSrXeK4N8kmrL1yEZFTQTA6xhg==
bid
c.amazon-adsystem.com/e/dtb/ 		164 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3266&u=https%3A%2F%2Fthetandd.com%2F&pid=zLOLxsIL8OEY0&cb=1&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F8438%2Fthetandd.com%2Fhomepage%22%7D%5D&pj=%7B%22sections%22%3A%22%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
Server /
Resource Hash
2163eccef5ac46fef5b4b64dc8718a96f89de083639cb4b32750a68db4c823a1

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
HAM50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thetandd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
156
via
1.1 a69bfd4d39a9b992855d914318a2c367.cloudfront.net (CloudFront)
x-amz-cf-id
SKwZuMInNS3Qkj0Q0XDFoDzuKZBPfnNXqGmIylW1SbNye_oPh5WTNA==
integrator.js
adservice.google.ch/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=thetandd.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thetandd.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		428 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2056919365171739&correlator=506703704391903&output=ldjh&impl=fifs&eid=31060312%2C31060550%2C31060698%2C44739387&vrg=2021040802&ptt=17&us_privacy=1YNN&sc=1&sfv=1-0-38&ecs=20210412&iu_parts=8438%2Cthetandd.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x1&prev_scp=pos%3Dfixed-impact-top%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D7%26lee_hours%3D14%26lee_day%3D1&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26k%3Dthe%2520times%2520and%2520democrat%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1618225653&dt=1618238760084&dlt=1618238758538&idt=1186&frm=20&biw=1600&bih=1200&oid=3&adxs=799&adys=0&adks=4274529382&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthetandd.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=1276900474.1618238759&ga_sid=1618238760&ga_hid=381422355&ga_fc=false&ga_cid=1396226216.1618238759&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
ea25147c5bdc915403097392e9893415aae698a49a482be1c07932270f5385bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
218
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b1c97018161ab4c5273f19483f2ef1cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://b1c97018161ab4c5273f19483f2ef1cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2056919365171739&correlator=3853790997399657&output=ldjh&impl=fifs&eid=31060312%2C31060550%2C31060698%2C44739387&vrg=2021040802&ptt=17&us_privacy=1YNN&sc=1&sfv=1-0-38&ecs=20210412&iu_parts=8438%2Cthetandd.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=pos%3Dfixed-impact-bottom%2Cbtf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D1%26lee_hours%3D14%26lee_day%3D1&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26k%3Dthe%2520times%2520and%2520democrat%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1618225653&dt=1618238760092&dlt=1618238758538&idt=1186&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=1&adks=524549479&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthetandd.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=1276900474.1618238759&ga_sid=1618238760&ga_hid=381422355&ga_fc=false&ga_cid=1396226216.1618238759&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
2ff8ca8636f3de503c17f5d8fb6e10b4233034f144505f8faba8b105585127ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4112
x-xss-protection
0
google-lineitem-id
751596797
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
89240352317
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2056919365171739&correlator=22200028748992&output=ldjh&impl=fifs&eid=31060312%2C31060550%2C31060698%2C44739387&vrg=2021040802&ptt=17&us_privacy=1YNN&sc=1&sfv=1-0-38&ecs=20210412&iu_parts=8438%2Cthetandd.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=pos%3Dhome_primary_middle%2Cbtf%2C50%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D2%26lee_hours%3D14%26lee_day%3D1&eri=1&cust_params=k%3Dthe%2520times%2520and%2520democrat%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1618225653&dt=1618238760094&dlt=1618238758538&idt=1186&frm=20&biw=1600&bih=1200&oid=3&adxs=120&adys=1241&adks=2234006357&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthetandd.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1276900474.1618238759&ga_sid=1618238760&ga_hid=381422355&ga_fc=false&ga_cid=1396226216.1618238759&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
788449db842dd054d4f5b280e49f5cff9a794e1a271c16dec4a35f2a6ab79b11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10372
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thetandd.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2056919365171739&correlator=2622509881506817&output=ldjh&impl=fifs&eid=31060312%2C31060550%2C31060698%2C44739387&vrg=2021040802&ptt=17&us_privacy=1YNN&sc=1&sfv=1-0-38&ecs=20210412&iu_parts=8438%2Cthetandd.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=5x1&prev_scp=pos%3Dmembers-impact%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D10%26lee_hours%3D14%26lee_day%3D1&eri=1&cust_params=k%3Dthe%2520times%2520and%2520democrat%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1618225653&dt=1618238760100&dlt=1618238758538&idt=1186&frm=20&biw=1600&bih=1200&oid=3&adxs=798&adys=5630&adks=4173758164&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthetandd.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=1276900474.1618238759&ga_sid=1618238760&ga_hid=381422355&ga_fc=false&ga_cid=1396226216.1618238759&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
853ea24310a0824d444a1a06158febf5527c5542b0853d78bd3f396b2b8ec764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5901
x-xss-protection
0
google-lineitem-id
5575483893
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138346114629
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
otFloatingFlat.json
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otFloatingFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3991138664f8a2717cd6fd5d4394c3cdeff54b01e001b9c128d67511e8a1900b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
qiq5l7qzEHE2l1Y9A93NLw==
age
13417253
vary
Accept-Encoding
content-length
2654
cf-request-id
096824fcd00000dfadae371000000001
x-ms-lease-status
unlocked
last-modified
Thu, 10 Sep 2020 01:36:25 GMT
server
cloudflare
etag
0x8D85529EE52897D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
00a105f1-301e-0099-6ea3-b55724000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
63ed3ddaef57dfad-FRA
expires
Tue, 20 Apr 2021 14:46:00 GMT
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 		61 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
C9ZZX5WmmuvxVnmOg+8oDA==
age
10063860
vary
Accept-Encoding
content-length
14901
cf-request-id
096824fcd10000dfad870a2000000001
x-ms-lease-status
unlocked
last-modified
Thu, 10 Sep 2020 01:36:25 GMT
server
cloudflare
etag
0x8D85529EE46C785
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0e2c5787-e01e-0031-2122-d48331000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
63ed3ddaef5edfad-FRA
expires
Tue, 20 Apr 2021 14:46:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-54716522-2&cid=1276900474.1618238759&jid=1527807587&gjid=215067634&_gid=1396226216.1618238759&_u=aHDAgUArQAQCAE~&z=1042541267
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 12 Apr 2021 14:46:00 GMT
content-type
text/plain
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		92 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TQ9PK73&t=gtm256&cid=1276900474.1618238759
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c5acf48cd6d4ec14aafd405e5779e1c7b4427f22f32627b6991132040fe85ddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36085
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:46:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=381422355&t=pageview&_s=1&dl=https%3A%2F%2Fthetandd.com%2F&ul=en-us&de=UTF-8&dt=First%20In%20Local%20News%2C%20Sports%20%26%20Weather%20%7C%20Your%20First.%20Best.%20source%20for%20news&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAgUArQAQCAE~&jid=1527807587&gjid=215067634&cid=1276900474.1618238759&tid=UA-54716522-2&_gid=1396226216.1618238759&gtm=2wg3v0TDWDC2&cd1=desktop&cd2=thetandd.com&cd3=editorial&cd4=homepage&cd6=homepage&cd14=Undefined&cd17=null&cd20=anonymous&cd23=&cg1=&cd21=Orangeburg&cd22=flex-editorial&cd30=54&cd31=Clear&cd51=Orangeburg&cd52=3&cd75=0&cd76=%20%20%20%20%20%20%20%20%20&cd79=&cd80=&cd81=No&cd82=&cd85=no&cd86=no&cd102=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&cd103=Undefined&cd104=Undefined%2C%20Undefined&cd105=3&cd106=Page%20View&cd111=undefined&cd115=notset&cd116=No&cd117=No&cd89=1276900474.1618238759&z=401125468
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16942
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
163 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-G2BL49024K&gtm=2oe3v0&_p=381422355&sr=1600x1200&_gaz=1&ul=en-us&cid=1276900474.1618238759&_s=1&dl=https%3A%2F%2Fthetandd.com%2F&dt=First%20In%20Local%20News%2C%20Sports%20%26%20Weather%20%7C%20Your%20First.%20Best.%20source%20for%20news&sid=1618238759&sct=1&seg=0&en=page_view&_fv=2&_ss=1&up.status=anonymous&up.subscription=No
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
335 B 		Other
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G2BL49024K&cid=1276900474.1618238759&gtm=2oe3v0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-G2BL49024K&cid=1276900474.1618238759&gtm=2oe3v0&aip=1&z=1900780234
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
yy2
a.leetemplates.com/lee/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.leetemplates.com/lee/yy2
Protocol
H2
Server
34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.205.102.34.bc.googleusercontent.com
Software
akka-http/10.1.12 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://thetandd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://thetandd.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
server
akka-http/10.1.12
date
Mon, 12 Apr 2021 14:46:00 GMT
content-length
0
via
1.1 google
alt-svc
clear
yy2
a.leetemplates.com/lee/ 		2 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.leetemplates.com/lee/yy2
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.205.102.34.bc.googleusercontent.com
Software
akka-http/10.1.12 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
via
1.1 google
server
akka-http/10.1.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://thetandd.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
bl-49c6f47-9fc0ee63.js
tagan.adlightning.com/leeenterprises/ Frame B5D0 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/bl-49c6f47-9fc0ee63.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7dcff030428604b923eb339d30145440d9f25ec9444f1e03f7fcc5d4c1aae84

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 17:55:46 GMT
content-encoding
gzip
age
75015
x-cache
Hit from cloudfront
content-length
15841
x-amz-meta-git_commit
49c6f47
last-modified
Sun, 11 Apr 2021 17:36:00 GMT
server
AmazonS3
etag
"f655c06e5bda04775721dd934890eb5b"
x-amz-version-id
d0uHufGs9gh9HHD15iwK_4r0Rfh2sUT5
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
TmyrMNIV6DlTrv2gaqThsEGcsEqwHd2rJLMnXlS1lq3Lvs2lQhUMcQ==
b-49c6f47-a8e4a288.js
tagan.adlightning.com/leeenterprises/ Frame B5D0 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-49c6f47-a8e4a288.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
147afdb9e2f4d21b2e7914ba0a21bf2bbdf2f47f7c8fd7863f5ee7dfa8f6c1da

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 19:32:00 GMT
content-encoding
gzip
age
587641
x-cache
Hit from cloudfront
content-length
23044
x-amz-meta-git_commit
49c6f47
last-modified
Mon, 05 Apr 2021 19:30:29 GMT
server
AmazonS3
etag
"3a3b32eec4dfc1d6be0dab66c82438fa"
x-amz-version-id
8xf6FYQjb5rzEOFwGeQoTNT0c0Nk25Jg
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
6MUJlfSFSPcLqkuUOCJqrcjBRG4mR4cf5-yCErP8RhEZ1SYXUTECUw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B5D0 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617988883687958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:46:00 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617988871915048"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28262
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:46:00 GMT
bl-49c6f47-9fc0ee63.js
tagan.adlightning.com/leeenterprises/ Frame 91BF 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/bl-49c6f47-9fc0ee63.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7dcff030428604b923eb339d30145440d9f25ec9444f1e03f7fcc5d4c1aae84

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 17:55:46 GMT
content-encoding
gzip
age
75015
x-cache
Hit from cloudfront
content-length
15841
x-amz-meta-git_commit
49c6f47
last-modified
Sun, 11 Apr 2021 17:36:00 GMT
server
AmazonS3
etag
"f655c06e5bda04775721dd934890eb5b"
x-amz-version-id
d0uHufGs9gh9HHD15iwK_4r0Rfh2sUT5
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
wTadPlIJacgdVHvQjZbMGzTgYTpymRQdx1w1Os-0BPWy41oibcving==
b-49c6f47-a8e4a288.js
tagan.adlightning.com/leeenterprises/ Frame 91BF 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-49c6f47-a8e4a288.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
147afdb9e2f4d21b2e7914ba0a21bf2bbdf2f47f7c8fd7863f5ee7dfa8f6c1da

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 19:32:00 GMT
content-encoding
gzip
age
587641
x-cache
Hit from cloudfront
content-length
23044
x-amz-meta-git_commit
49c6f47
last-modified
Mon, 05 Apr 2021 19:30:29 GMT
server
AmazonS3
etag
"3a3b32eec4dfc1d6be0dab66c82438fa"
x-amz-version-id
8xf6FYQjb5rzEOFwGeQoTNT0c0Nk25Jg
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Ao4ie7FZfzuz6xejOzlGCMTitvLOKq-eyo-zw2X4LMqjSM7tkqDbyg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 91BF 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617988883687958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:46:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		330 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2056919365171739&correlator=2563690850754628&output=ldjh&impl=fifs&eid=31060312%2C31060550%2C31060698%2C44739387&vrg=2021040802&ptt=17&sc=1&sfv=1-0-38&ecs=20210412&iu_parts=8438%2Cthetandd.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=pos%3Dfixed-leaderboard-top%2Catf%2C50%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D4%26lee_hours%3D14%26lee_day%3D1%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=k%3Dthe%2520times%2520and%2520democrat%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie=ID%3Dc4c801ea0f448b4b%3AT%3D1618238760%3AS%3DALNI_MZ3xNZF1Hgj6RAOrlCcdV58Xo0_mQ&bc=31&abxe=1&lmt=1618225653&dt=1618238760446&dlt=1618238758538&idt=1186&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=283&adks=3296999877&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthetandd.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1584x90&msz=1584x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9hcMK4APHb57kg5RdLi7wPGGMW_16kLERjTihPXGnpQYy7NX5z5p_7cjW5E38lLl3tTYwEVSmzx384BVU7J12v%2CAGkb-H-9D4uMLoarpUcNTftGnY7pY0TGaGAEJtNZ4Rx6rx3UxZPAC60AFqfTKoTmlcckoJG6QMJ5lkN6hWzInlMsVKpE&ga_vid=1276900474.1618238759&ga_sid=1618238760&ga_hid=381422355&ga_fc=false&ga_cid=1396226216.1618238759&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
6fe3ea33594cafb36ababf1bdf47d0e17cf6368d60f4812de566752d61919020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1618238760465&ns_c=UTF-8&cv=3.5&c8=First%20In%20Local%20News%2C%20Sports%20%26%20Weather%20%7C%20Your%20First.%20Best.%20source%20for%20new...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1618238760465&ns_c=UTF-8&cv=3.5&c8=First%20In%20Local%20News%2C%20Sports%20%26%20Weather%20%7C%20Your%20First.%20Best.%20source%20for%20ne...
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1618238760465&ns_c=UTF-8&cv=3.5&c8=First%20In%20Local%20News%2C%20Sports%20%26%20Weather%20%7C%20Your%20First.%20Best.%20source%20for%20news&c7=https%3A%2F%2Fthetandd.com%2F&c9=&cs_ak_ss=1
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:00 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1618238760465&ns_c=UTF-8&cv=3.5&c8=First%20In%20Local%20News%2C%20Sports%20%26%20Weather%20%7C%20Your%20First.%20Best.%20source%20for%20news&c7=https%3A%2F%2Fthetandd.com%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:00 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-54716522-2&cid=1276900474.1618238759&jid=1527807587&_u=aHDAgUArQAQCAE~&z=1414436301
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-54716522-2&cid=1276900474.1618238759&jid=1527807587&_u=aHDAgUArQAQCAE~&z=1414436301
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		40 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2056919365171739&correlator=3883990711388431&output=ldjh&impl=fifs&eid=31060312%2C31060550%2C31060698%2C44739387&vrg=2021040802&ptt=17&sc=1&sfv=1-0-38&ecs=20210412&iu_parts=8438%2Cthetandd.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3Dfixed-big-ad-top%2Catf%2C50%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D7%26lee_hours%3D14%26lee_day%3D1%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=k%3Dthe%2520times%2520and%2520democrat%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie=ID%3Dc4c801ea0f448b4b%3AT%3D1618238760%3AS%3DALNI_MZ3xNZF1Hgj6RAOrlCcdV58Xo0_mQ&bc=31&abxe=1&lmt=1618225653&dt=1618238760515&dlt=1618238758538&idt=1186&frm=20&biw=1600&bih=1200&oid=3&adxs=1180&adys=416&adks=3450214113&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthetandd.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9hcMK4APHb57kg5RdLi7wPGGMW_16kLERjTihPXGnpQYy7NX5z5p_7cjW5E38lLl3tTYwEVSmzx384BVU7J12v%2CAGkb-H-9D4uMLoarpUcNTftGnY7pY0TGaGAEJtNZ4Rx6rx3UxZPAC60AFqfTKoTmlcckoJG6QMJ5lkN6hWzInlMsVKpE&ga_vid=1276900474.1618238759&ga_sid=1618238760&ga_hid=381422355&ga_fc=false&ga_cid=1396226216.1618238759&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
5a6dea5e3d53872f9fe9baa7abce6201bb481bb055699b7d4e577ef83ea88161
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10224
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thetandd.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame E718
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
286 B
959 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e4fb1fff0bf5717dd8bcd06d6fc1ac2874c96a19cd518dcae0fadd6c9730dac6

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://thetandd.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5sBmXO0p0ISrzhFPJWn668|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://thetandd.com/

Response headers

Server
Server
Date
Mon, 12 Apr 2021 14:46:00 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
222
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A5sBmXO0p0ISrzhFPJWn668; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 14:46:00 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 14:46:00 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Mon, 12 Apr 2021 14:46:00 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Set-Cookie
ad-id=A5sBmXO0p0ISrzhFPJWn668|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 14:46:00 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
6072065659ba8.image.jpg
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/0/3a/03a8f727-6b03-5333-8860-a04088c8fe81/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/0/3a/03a8f727-6b03-5333-8860-a04088c8fe81/6072065659ba8.image.jpg?crop=1662%2C935%2C0%2C81&resize=150%2C84&order=crop%2Cresize
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0dd40ee342f512ec15453f6336b43a09a6bfe75728bf2710949dd0da7fc58e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Sat, 10 Apr 2021 20:11:02 GMT
cf-bgj
h2pri
cf-request-id
096824fea000002325acb1c000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"49e8de267118c896f7da2f1d39cc59e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3dddccda2325-ZRH
expires
Sun, 10 Apr 2022 20:45:56 GMT
60709c002af22.image.jpg
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/8/fb/8fb49b84-d1f3-50b4-99b5-738d4cdacab4/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/8/fb/8fb49b84-d1f3-50b4-99b5-738d4cdacab4/60709c002af22.image.jpg?crop=1846%2C1038%2C0%2C41&resize=150%2C84&order=crop%2Cresize
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac46d428fe089083f15b0e7a98740ab908530a0eadc8605d284c6f8c59b968c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Apr 2021 18:25:04 GMT
strict-transport-security
max-age=604800
content-length
3479
cf-request-id
096824fea300002325c59f5000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"de94a63cd57fd779d9589cefd2ce17c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 10 Apr 2022 20:55:51 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3dddccdc2325-ZRH
cf-bgj
h2pri
6070bf65d47c4.image.jpg
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/3/79/37975969-0a39-5f98-a997-2d5b9bf36dad/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/3/79/37975969-0a39-5f98-a997-2d5b9bf36dad/6070bf65d47c4.image.jpg?crop=1662%2C935%2C0%2C156&resize=150%2C84&order=crop%2Cresize
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ecb47e55d1460c551961488549770f5e16a87cedc8088ff8bf7ce686661c388
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Apr 2021 20:56:05 GMT
strict-transport-security
max-age=604800
content-length
4413
cf-request-id
096824fea400002325a81d0000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"c2c0b1ee340c30238f7878e5e20c9a77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 09 Apr 2022 21:19:35 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3dddcce02325-ZRH
cf-bgj
h2pri
bottomad.
fundingchoicesmessages.google.com/f/AGSKWxWCvhxgVcC91h3Cn8TtMU7k7kHjZhXbWmAKIgTKWzHpgahZuLxKYp9fXs6SY7ae2M6K3KWDqDduEyyL4-AoKKv24mi9wslBMEZssVSnJtApx-eKjxgJPzASJIkP92HSwcq-V_6sbvhHzmCoIzco9qLgs-qYf... 		54 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWCvhxgVcC91h3Cn8TtMU7k7kHjZhXbWmAKIgTKWzHpgahZuLxKYp9fXs6SY7ae2M6K3KWDqDduEyyL4-AoKKv24mi9wslBMEZssVSnJtApx-eKjxgJPzASJIkP92HSwcq-V_6sbvhHzmCoIzco9qLgs-qYf8cIbEHpMZl91gfKCIBWUDQwt9fTQKOm1e9dVaEI1_oR8wyPVoXbVYTjslyUPPlsMkLBsGTYjlv3N2RK0Q==/_/scripts/ad./adv.asp_adgebraAds_/adv_horiz./bottomad.
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b97e69aa228bfca2be1f362b1e84f6b8ed77110e4c4efb55fac0bd016dbe93c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4LwG8U4xnIaE6vrLfLRTeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4LwG8U4xnIaE6vrLfLRTeQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-4LwG8U4xnIaE6vrLfLRTeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4LwG8U4xnIaE6vrLfLRTeQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b35f828bed609bd50d0004f302ae90810fcfdff55f4a1a50f7d801f590f2358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48426
x-xss-protection
0
server
cafe
etag
9073347465432709909
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Apr 2021 14:46:00 GMT
AGSKWxU-xC7W4hxPD7py1Uab22jI6ljWZqOc6KyxUU459_WamRIZrszorkpDFKpm5Y_CpkNR6Zq5ni0tNR6sijwKq9RJ_v_H60eK1n67XhKRZLBu1nPpVW7jwG7iI-Gq-phBRCLsZRGjy0kuKIGBN0uUyqz38772UG8tJd-tPAF8Ksu-anACUFGJET0RR3o=
fundingchoicesmessages.google.com/l/ 		0
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxU-xC7W4hxPD7py1Uab22jI6ljWZqOc6KyxUU459_WamRIZrszorkpDFKpm5Y_CpkNR6Zq5ni0tNR6sijwKq9RJ_v_H60eK1n67XhKRZLBu1nPpVW7jwG7iI-Gq-phBRCLsZRGjy0kuKIGBN0uUyqz38772UG8tJd-tPAF8Ksu-anACUFGJET0RR3o=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.kHj_JKtxPdQ.es5.O/d=1/ct=zgms/rs=AJlcJMwCwpEdDDl2IRpcCvqElSmfhrKXdw/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eO3kMvsTtcSMzB5MAQ2f/g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-eO3kMvsTtcSMzB5MAQ2f/g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Apr 2021 14:46:00 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-eO3kMvsTtcSMzB5MAQ2f/g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-eO3kMvsTtcSMzB5MAQ2f/g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
dn1i8v75r669j.cloudfront.net/v/ 		67 B
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dn1i8v75r669j.cloudfront.net/v/?w=i99g3gee
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:5400:7:5031:dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
708babb5fba011bfc960e0c086736b4c3deb8a4c5fa4ca88a18dd4585171193f

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:43:01 GMT
via
1.1 1589d05ea8998abdd2e7ba3167a84e2c.cloudfront.net (CloudFront)
age
179
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=300
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
5hap6Tnwb9YDh_hYkJ19LZPf4HPEgftycLKYQdsEW0RKsHE05BflPg==
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=First%20In%20Local%20News%2C%20Sports%20%26%20Weather%20%7C%20Your%20First.%20Best.%20source%20for%20news&sec=homepage&pubname=The%20Times%20and%20Democrat&ptype=homepage&metered=0%7C3&cms=townnews%2Fblox&arttype=editorial&tv=js-3.0.122&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=3&tvcfg=lee&tid=921b8bd4-f80b-42cd-a427-0c4bc496484f&pid=b194e929-2abc-466e-b091-573ce5b63df7&dtm=1618238760731&qnm=_matherq&visible=1&tabid=3c8ce1b4-afe2-4631-9030-5991c12e1dfd&url=https%3A%2F%2Fthetandd.com%2F&vp=1600x1200&ds=1600x5670&tofa=1618238761&vid=1&lvidt=1618238761&duid=76567aaf379e2960&fp=1072425006&cid=ma1527&mrk=725149337&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxODIzODc1ODA0OSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyMC41bWIiLCJoZWFwVCI6IjI3LjZtYiIsImZzdFBhaW50IjoiMTMwNyIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiIyIiwiY29ublMiOiIyIiwiY29ubkUiOiIyNTQiLCJzc2xTIjoiMjAiLCJyZXF1UyI6IjI1NCIsInJlc3BTIjoiNDg2IiwicmVzcEUiOiI2MDAiLCJkb21Mb2FkIjoiNDg5IiwiZG9tSW50ZXIiOiIyMDU4IiwiZG9tTG9hZFMiOiIyMDY1IiwiZG9tTG9hZEUiOiIyMDcxIn0sImtleXdvcmRzIjpbInRoZSIsInRpbWVzIiwiYW5kIiwiZGVtb2NyYXQiXX0
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-95-93.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:01 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
961211893969940
connect.facebook.net/signals/config/ 		244 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/961211893969940?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ea1b053f26c2b20af52a473166842f8e94697789a892edbd388079528ede5a5b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
71112
x-fb-rlafr
0
pragma
public
x-fb-debug
Nmg/v4oLF4A1QZ/TBQ0814X63qbFUsg3RKFYfgWBgUWZ8zITp1BvDpfeOPwupl/jSTmJCVO1YgQDJf4mZV0AVA==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 12 Apr 2021 14:46:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B5D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbu4QMb0ZjzUlJWE-h_m6umV-JMRljAWkKtoYsmN9Ip4O_Jovl4Xdx02vUpJA-VyubMmSNmDzlhkf3P58_c08LZ5xn7xJYOVj_l2MLoZwcfrXGUrvOu4d-yVKrIoUDOPaPYgwmgSz0JYtFVdWrdxmXFVJfR0ObBbKEYWZCxBu8PBAdlp6V9AQwKuvQopQ7DZ43Tz6STIhk-DGF0Zj2tYdARGha2XiJzE-54iddfOErB60ttndT3J7IC22ySVwxgbeNxuUzH-yDU62QwW0UriQOlQ4m8mnrMLCtDCbjtao63qIvK9YKi0oz70-s_jYDujxe&sig=Cg0ArKJSzOtVKiol3Y5IEAE&urlfix=1&adurl=
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:46:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 12 Apr 2021 14:46:00 GMT
rciv.js
cdn.tynt.com/ Frame B5D0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/rciv.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-49c6f47-a8e4a288.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3b9ecf3258afd899081e6cf645e09ae51a031aeac11a0d0f59ea3b5ff8595b

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 18:27:58 GMT
server
cloudflare
age
229734
etag
W/"5f40122e-3dbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
63ed3de02b5c23f7-ZRH
cf-request-id
096825001d000023f7aeb12000000001
expires
Thu, 15 Apr 2021 14:46:01 GMT
truncated
/ Frame B5D0 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27a5a0ed933f708443dfdec766c5ddb48f95aade9bbddc2cd852a680f67f691e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 91BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnmYVLA_xL12hBbuJzZEKtN5HOIw5NXtDe5HDY2QuA5pOq42O8HtO36Vo0lexi34w_vWYktBJ7cd9FrPqyLguu1WUXwOPCZ_fCVSElFepOWx04fur7JRpvKsZAoMfl06e3xpayGQMbvvsnWE5-b2egvucsPm6Sj43RqX_NSJ4CA-75cKvqwIccQBQfg_bu3Je-PRJn4fiSvRh3GC3_bpdv7Eufg4247Lq5D2uns5xj9ua5-BTcyZs8TeRtee13regmvCrdbOZl9tIoTuF5HAm0RO4VtYQolIp8R5VCcx-nQrfY5SwOyzziwI0aEtE3XCkvewyF3e8BGFHNG40oIrVKnpk&sig=Cg0ArKJSzHXRE-gc26AUEAE&urlfix=1&adurl=
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:46:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 12 Apr 2021 14:46:01 GMT
truncated
/ Frame 91BF 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c730ba2c0a85e4b6b57fd4d294397cdc5d5f3df162dc7cc07a1aed32b6a817a9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 91BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvm0dWBDHnjVrnSUqJZ28QUBjb0FuSQsmj03dZ05WbFpc5xYt9mz7fE6AcZJe-cy6TZ1uwb4NwszQlQ4x9c3s7SZDTUsOMcGXn8uC3hgNXs1SwV9yzAGYg_DSWgrIF8OFZNijLfMNcVtI-m7bWn66CTanXBCT1YZSA5eAoufrwFFCsfTRBjIPvhvPjTCr0NzGYarGzfeos__XNIJmnhvVqVdurOZvSx7-AIS6Wc93gxbMkjAp-QAcMbE75L1EoMNT68_t0gaJd723jkzeH5xjoLqY3yGZT7oDdfmL5mHkV0aSrxeYyOBvzx&sig=Cg0ArKJSzJcIRSc5ueVnEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:46:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 12 Apr 2021 14:46:01 GMT
bl-49c6f47-9fc0ee63.js
tagan.adlightning.com/leeenterprises/ Frame A237 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/bl-49c6f47-9fc0ee63.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7dcff030428604b923eb339d30145440d9f25ec9444f1e03f7fcc5d4c1aae84

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 17:55:46 GMT
content-encoding
gzip
age
75016
x-cache
Hit from cloudfront
content-length
15841
x-amz-meta-git_commit
49c6f47
last-modified
Sun, 11 Apr 2021 17:36:00 GMT
server
AmazonS3
etag
"f655c06e5bda04775721dd934890eb5b"
x-amz-version-id
d0uHufGs9gh9HHD15iwK_4r0Rfh2sUT5
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
LxuiyQhcLWAGfmur5muc14ZnJoxSnOK4_b9PuqW_HMr0g_wXU2pIUQ==
b-49c6f47-a8e4a288.js
tagan.adlightning.com/leeenterprises/ Frame A237 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-49c6f47-a8e4a288.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
147afdb9e2f4d21b2e7914ba0a21bf2bbdf2f47f7c8fd7863f5ee7dfa8f6c1da

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 19:32:00 GMT
content-encoding
gzip
age
587642
x-cache
Hit from cloudfront
content-length
23044
x-amz-meta-git_commit
49c6f47
last-modified
Mon, 05 Apr 2021 19:30:29 GMT
server
AmazonS3
etag
"3a3b32eec4dfc1d6be0dab66c82438fa"
x-amz-version-id
8xf6FYQjb5rzEOFwGeQoTNT0c0Nk25Jg
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
fuXxznSILFS2lsul2QKWnr-2hky6pTE6sMf7m90Yi6EW5ZPphdneTg==
thetandd.com.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/thetandd.com.png?_dc=1
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d21f3da0ac7ca1f1bd53bbf18b0a0eb36937eb79c30d7fe73ef6a7d02d4843
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Wed, 25 Sep 2019 23:11:20 GMT
content-length
9380
cf-request-id
096825012900002325a28b0000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5d8bf418-24a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3de1ded42325-ZRH
expires
Thu, 04 Nov 2021 08:20:08 GMT
10769825506373766191
tpc.googlesyndication.com/simgad/ 		396 KB
396 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10769825506373766191?
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee6a4c745a807181e71f1c3316e2aceac00e2c1921e22f29be900bd680291f82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 13:48:25 GMT
x-content-type-options
nosniff
age
3456
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
405326
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 13:44:07 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Apr 2022 13:48:25 GMT
bl-49c6f47-9fc0ee63.js
tagan.adlightning.com/leeenterprises/ Frame 600B 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/bl-49c6f47-9fc0ee63.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7dcff030428604b923eb339d30145440d9f25ec9444f1e03f7fcc5d4c1aae84

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 17:55:46 GMT
content-encoding
gzip
age
75016
x-cache
Hit from cloudfront
content-length
15841
x-amz-meta-git_commit
49c6f47
last-modified
Sun, 11 Apr 2021 17:36:00 GMT
server
AmazonS3
etag
"f655c06e5bda04775721dd934890eb5b"
x-amz-version-id
d0uHufGs9gh9HHD15iwK_4r0Rfh2sUT5
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
mUD8bSBUAvgWNFNDKGBu8xcVOHSOMaDe7jFysLqJObLVzM_I_OA0-g==
b-49c6f47-a8e4a288.js
tagan.adlightning.com/leeenterprises/ Frame 600B 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-49c6f47-a8e4a288.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
147afdb9e2f4d21b2e7914ba0a21bf2bbdf2f47f7c8fd7863f5ee7dfa8f6c1da

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 19:32:00 GMT
content-encoding
gzip
age
587642
x-cache
Hit from cloudfront
content-length
23044
x-amz-meta-git_commit
49c6f47
last-modified
Mon, 05 Apr 2021 19:30:29 GMT
server
AmazonS3
etag
"3a3b32eec4dfc1d6be0dab66c82438fa"
x-amz-version-id
8xf6FYQjb5rzEOFwGeQoTNT0c0Nk25Jg
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
tHLWFU9aRQwB_17hTNysj2JGjYVi2YeJi-r5p062PUgI6zs6Jb5Dmg==
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-0197&wpn=lc-bundle&pu=https%3A%2F%2Fthetandd.com%2F&duid=ca73657aa29d--01f338qtcnz482qwra9f8dghr7&se=e30&dtstmp=1618238761368
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-0197&wpn=lc-bundle&pu=https%3A%2F%2Fthetandd.com%2F&duid=ca73657aa29d--01f338qtcnz482qwra9f8dghr7&se=e30&dtstmp=1618238761368&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI...
13 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-0197&wpn=lc-bundle&pu=https%3A%2F%2Fthetandd.com%2F&duid=ca73657aa29d--01f338qtcnz482qwra9f8dghr7&se=e30&dtstmp=1618238761368&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.73.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-73-156.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:02 GMT
x-pixel-event-id
7c4f67a0-98a5-4f8e-97f3-d232f0611cca
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
request-time
1
vary
Origin
content-length
13
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
35e2eab380a96807

Redirect headers

date
Mon, 12 Apr 2021 14:46:01 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
location
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-0197&wpn=lc-bundle&pu=https%3A%2F%2Fthetandd.com%2F&duid=ca73657aa29d--01f338qtcnz482qwra9f8dghr7&se=e30&dtstmp=1618238761368&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://thetandd.com
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
f062232c5de386bf
request-time
1
content-length
0
x-content-type-options
nosniff
AGSKWxU-xC7W4hxPD7py1Uab22jI6ljWZqOc6KyxUU459_WamRIZrszorkpDFKpm5Y_CpkNR6Zq5ni0tNR6sijwKq9RJ_v_H60eK1n67XhKRZLBu1nPpVW7jwG7iI-Gq-phBRCLsZRGjy0kuKIGBN0uUyqz38772UG8tJd-tPAF8Ksu-anACUFGJET0RR3o=
fundingchoicesmessages.google.com/l/ 		0
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxU-xC7W4hxPD7py1Uab22jI6ljWZqOc6KyxUU459_WamRIZrszorkpDFKpm5Y_CpkNR6Zq5ni0tNR6sijwKq9RJ_v_H60eK1n67XhKRZLBu1nPpVW7jwG7iI-Gq-phBRCLsZRGjy0kuKIGBN0uUyqz38772UG8tJd-tPAF8Ksu-anACUFGJET0RR3o=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.kHj_JKtxPdQ.es5.O/d=1/ct=zgms/rs=AJlcJMwCwpEdDDl2IRpcCvqElSmfhrKXdw/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NyCYsttZYp24+T6M3+FYFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-NyCYsttZYp24+T6M3+FYFA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-NyCYsttZYp24+T6M3+FYFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-NyCYsttZYp24+T6M3+FYFA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU-xC7W4hxPD7py1Uab22jI6ljWZqOc6KyxUU459_WamRIZrszorkpDFKpm5Y_CpkNR6Zq5ni0tNR6sijwKq9RJ_v_H60eK1n67XhKRZLBu1nPpVW7jwG7iI-Gq-phBRCLsZRGjy0kuKIGBN0uUyqz38772UG8tJd-tPAF8Ksu-anACUFGJET0RR3o=
fundingchoicesmessages.google.com/l/ 		0
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxU-xC7W4hxPD7py1Uab22jI6ljWZqOc6KyxUU459_WamRIZrszorkpDFKpm5Y_CpkNR6Zq5ni0tNR6sijwKq9RJ_v_H60eK1n67XhKRZLBu1nPpVW7jwG7iI-Gq-phBRCLsZRGjy0kuKIGBN0uUyqz38772UG8tJd-tPAF8Ksu-anACUFGJET0RR3o=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.kHj_JKtxPdQ.es5.O/d=1/ct=zgms/rs=AJlcJMwCwpEdDDl2IRpcCvqElSmfhrKXdw/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1ufNtCmjRSTQ1d+qGk+97Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1ufNtCmjRSTQ1d+qGk+97Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-1ufNtCmjRSTQ1d+qGk+97Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1ufNtCmjRSTQ1d+qGk+97Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVMXoK2FliyHvny31QAoLtC7Qr4ts-frjXc-vKwi-RhT4MBFj53S3ZrJgJqCoBw2KzJzj0H2RQV_Azt3UKVVjVIyO0TilC0oCN7OI9IuqXNMERNlC0HCz6TWA_Cd9x2cSo5Or8TRzobYveMxv8ktF1yfK3iEX_MQpxgSOYPG_IaRcM5y3leYmRfDXg=
fundingchoicesmessages.google.com/f/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVMXoK2FliyHvny31QAoLtC7Qr4ts-frjXc-vKwi-RhT4MBFj53S3ZrJgJqCoBw2KzJzj0H2RQV_Azt3UKVVjVIyO0TilC0oCN7OI9IuqXNMERNlC0HCz6TWA_Cd9x2cSo5Or8TRzobYveMxv8ktF1yfK3iEX_MQpxgSOYPG_IaRcM5y3leYmRfDXg=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCwyLFsxNjE4MjM4NzYxLDQyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dXQ
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b53c8109bb7f8fde64b1c126f00b93a77cb65339ef010b466b7ce075e8554afb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/h1ySIYuUcScvA2UQkLOhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-/h1ySIYuUcScvA2UQkLOhw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-/h1ySIYuUcScvA2UQkLOhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-/h1ySIYuUcScvA2UQkLOhw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU-xC7W4hxPD7py1Uab22jI6ljWZqOc6KyxUU459_WamRIZrszorkpDFKpm5Y_CpkNR6Zq5ni0tNR6sijwKq9RJ_v_H60eK1n67XhKRZLBu1nPpVW7jwG7iI-Gq-phBRCLsZRGjy0kuKIGBN0uUyqz38772UG8tJd-tPAF8Ksu-anACUFGJET0RR3o=
fundingchoicesmessages.google.com/l/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxU-xC7W4hxPD7py1Uab22jI6ljWZqOc6KyxUU459_WamRIZrszorkpDFKpm5Y_CpkNR6Zq5ni0tNR6sijwKq9RJ_v_H60eK1n67XhKRZLBu1nPpVW7jwG7iI-Gq-phBRCLsZRGjy0kuKIGBN0uUyqz38772UG8tJd-tPAF8Ksu-anACUFGJET0RR3o=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.kHj_JKtxPdQ.es5.O/d=1/ct=zgms/rs=AJlcJMwCwpEdDDl2IRpcCvqElSmfhrKXdw/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FJ/fL/SIs4Ketl09E738VQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-FJ/fL/SIs4Ketl09E738VQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-FJ/fL/SIs4Ketl09E738VQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-FJ/fL/SIs4Ketl09E738VQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
81 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryLad3kHOmdNW3rzfz

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Mon, 12 Apr 2021 14:46:01 GMT
content-type
text/plain
access-control-allow-origin
https://thetandd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=961211893969940&ev=Domain&dl=https%3A%2F%2Fthetandd.com%2F&rl=&if=false&ts=1618238761452&cd[custom_param]=thetandd.com&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1618238761446.3988957&it=1618238760772&coo=false&rqm=GET
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 12 Apr 2021 14:46:01 GMT
a9JORiXIKr5BlZrkHcnnVW.js
sc.tynt.com/script/sc/ Frame B5D0 		937 B
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/a9JORiXIKr5BlZrkHcnnVW.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-49c6f47-a8e4a288.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5f288838a9ad31e006954f556180652f85c00f6df72143326d785e568548307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
584989
status
200 OK
x-xss-protection
1; mode=block
x-request-id
56fafb2e-3d10-4268-939b-25f59e532233
x-runtime
0.001459
x-content-digest
8e908a083520dc1d2bce8124ec704a573f531246
last-modified
Sun, 04 Apr 2021 14:07:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, s-maxage=172800
cf-request-id
096825021c000023f78b293000000001
cf-ray
63ed3de35a2c23f7-ZRH
x-rack-cache
fresh
expires
Mon, 05 Apr 2021 00:46:26 GMT
p
ic.tynt.com/b/ 		35 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=a9JORiXIKr5BlZrkHcnnVW&lm=6&ts=1618238761469&dn=RCIV&iso=0&img=https%3A%2F%2Fbloximages.chicago2.vip.townnews.com%2Fthetandd.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2F341b0a4c-a4fb-11e5-885d-e31c4b9d231a.jpg%3Fresize%3D600%252C400&ct=thetandd.com%20%7C%20Your%20First.%20Best.%20source%20for%20news&t=First%20In%20Local%20News%2C%20Sports%20%26%20Weather%20%7C%20Your%20First.%20Best.%20source%20for%20news&cu=https%3A%2F%2Fthetandd.com%2F
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip187.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
etag
"4bc8846c-23"
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-type
image/gif
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame A237 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271883
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:14:38 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame A237 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271883
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:14:38 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame A237 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271883
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:14:38 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame A237 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271883
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:14:38 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame A237 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271883
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:14:38 GMT
11896457697636447411
tpc.googlesyndication.com/daca_images/simgad/ Frame A237 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/11896457697636447411
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3b972009072e66017f4e26bd865460d9d66fd602b7ed498d4e79f0e7db7f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 06:47:51 GMT
x-content-type-options
nosniff
age
547090
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25739
x-xss-protection
0
last-modified
Mon, 08 Mar 2021 18:34:11 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 06:47:51 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A237 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
547
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 13 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A237 		295 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
59336
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 12 Apr 2021 22:17:05 GMT
l
www.google.com/ads/measurement/ Frame A237 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSn5kj_64gRcxzcz21nI5cPjcbl8naHwLomNWEjXlD5FyKQnCqHM8IZ-0H_09TexeHC-PDq3sd5JIRVY6Bk7TBUnnElrw
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame A237 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CnFJNKF10YIqJCsXwxgKXvbmYCK-bvtxhlc3_38ENloLNhYgWEAEg5cX6HWD1lc6B4ASgAari7bwCyAECqQJQz-03TuyzPuACAKgDAcgDCKoE5gFP0A4rVHCHaLxb2DnoovZzLcUb5qnVAcwbBrQotDz0PNBGGobSieN0ZKQ-GlP01OKrVRempJ0cy92XxaplqXS1bGW5uhswztjw4Cebl2Jh8HDhig6iffDd9xNap-MeXQqqvh5lW1Kl7FyjZTUO8aFSDpzo-nVS3ZKsrfFrpQL96dnCnqkVFf0_OXvabkwjDgcVjw7J0CC5lF3jMNcpuuVRej7vJAVYrkMhcHlykvVB94JN0CrP9-lV3dNeRN00D7yRQbNMbWHe8RgQ6nCopuf3tWjMvSSc_yOzWPGTgtplLbGeXA5bt8AEup-ijr8D4AQBkgUECAQYAZIFBAgFGASgBgKAB76dksMBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJy3FtIIBwiAYRABGB2ACgHICwHYEw2yFxoKGAgAEhRwdWItOTUxNzgzODk1Mzk2ODk5MA&sigh=PtJsHD1YK3Y&tpd=AGWhJmv2uJ6oep80h3G4YbZE-b1vBtdDmaMDYcY194Q0VvVt5w
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame A237 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2be4ac78025c9781358f6d7c2a76d222ca47500f1fb61b63760dee4a9289901d

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
6073d757e2af4.preview.jpg
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/8/9a/89ad80a6-a4e2-5be8-989c-3b706d16f677/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/8/9a/89ad80a6-a4e2-5be8-989c-3b706d16f677/6073d757e2af4.preview.jpg?crop=800%2C450%2C0%2C75&resize=540%2C304&order=crop%2Cresize
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d417a464f03112c30306839738c93d236cdb95648278516c8ba6873be7dafb86
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Mon, 12 Apr 2021 05:15:03 GMT
cf-bgj
h2pri
cf-request-id
09682502aa00002325be3a4000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"66f1de2b591de37840821d4c09fe719a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
63ed3de44c642325-ZRH
expires
Tue, 12 Apr 2022 05:42:34 GMT
606f2ea2b37f5.image.jpg
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/6/2f/62f614e3-8a97-5ab8-b9b4-311a13f433ee/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/6/2f/62f614e3-8a97-5ab8-b9b4-311a13f433ee/606f2ea2b37f5.image.jpg?crop=1763%2C992%2C0%2C91&resize=200%2C113&order=crop%2Cresize
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce9c9b8e409d4ca4361ed30002bd88d4cd020a5ff321ddc25d8587436b89302a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Apr 2021 16:26:10 GMT
strict-transport-security
max-age=604800
content-length
6654
cf-request-id
09682502aa000023259f35b000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
"c2e2d0e997936e9605c6c7025374122e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 11 Apr 2022 20:16:27 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3de44c692325-ZRH
cf-bgj
h2pri
/
thetandd.com/tncms/tracking/classifieds/featured/ 		0
154 B 		Other
General
Check archive.org
Download Go to
Full URL
https://thetandd.com/tncms/tracking/classifieds/featured/?i=8fe5ceb6-064f-11ea-a867-073e5f82316a,e5098a4a-064f-11ea-90a7-1ba89e80c47c,64759f6b-47d2-5946-9bd2-730888b4aa1d,
Requested by
Host: thetandd.com
URL: https://thetandd.com/shared-content/art/tncms/tracking.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

real-hostname
thetandd.com
x-vcache
MISS
age
0
date
Mon, 12 Apr 2021 14:46:01 GMT
content-type
application/octet-stream
cache-control
s-maxage=0, private, no-cache
accept-ranges
bytes
content-length
0
/
thetandd.com/tncms/tracking/business/block/ 		0
154 B 		Other
General
Check archive.org
Download Go to
Full URL
https://thetandd.com/tncms/tracking/business/block/?i=a10eb3a0-9c04-5aba-8fbc-03b39eb12fe2,7480d5d9-3082-53b8-b808-4952a1b157b0,7ccb6249-e201-535e-8159-d88fbe19f9bb,
Requested by
Host: thetandd.com
URL: https://thetandd.com/shared-content/art/tncms/tracking.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

real-hostname
thetandd.com
x-vcache
MISS
age
0
date
Mon, 12 Apr 2021 14:46:01 GMT
content-type
application/octet-stream
cache-control
s-maxage=0, private, no-cache
accept-ranges
bytes
content-length
0
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 4CA2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f6a51eb39d187a4dcd4e2fdfb607418cb4c1bc5c1d6bd438d011d7444dd4531c

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5sBmXO0p0ISrzhFPJWn668; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t

Response headers

Server
Server
Date
Mon, 12 Apr 2021 14:46:01 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
714
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 600B 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271883
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:14:38 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 600B 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271883
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:14:38 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 600B 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271883
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:14:38 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 600B 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271883
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:14:38 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 600B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271883
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:14:38 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 600B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
547
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 13 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 600B 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
59336
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 12 Apr 2021 22:17:05 GMT
14000038848564449166
tpc.googlesyndication.com/simgad/ Frame 600B 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14000038848564449166?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlURejMLkUo2AkWcI6uxA79l6ToDw
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fa2af707030ba4bef85e450f06c59dcb386e5091cd04aa6e06b56e8bd1cceb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:28:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 08:03:26 GMT
server
sffe
age
562640
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27880
x-xss-protection
0
expires
Wed, 06 Apr 2022 02:28:41 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 600B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CPbGiKF10YN7YIuXyxgLGiKDoAcPFtJhinIPeypUNqenDqLgJEAEg5cX6HWD1lc6B4ASgAZzSv8EByAECqQLjTsKO_imyPuACAKgDAcgDCKoE6QFP0Mpj2ZUMSp1QCiSgwavlF3sZHL8078w6eaeOYpyXx5NiwV11zqWBDp9277qVsquehPRW3MLgE6Z1xGNh955YRzOwo2D4GD8l3MLKUDeSopI_rj9vKTa8uABhj83QHJlrpkDvNT1EB1RpRilXhJWxh6GL-8s4TcHQ92t5QYB0ChmHu2wyknJENX6moyhTrMoBE25ovOQY2Hw2Z0mjELf66TW66FaK4_BSJymibgM1_JRqHhZp2jGtyHvuACM0WA3ortzJXbcEmkwJ_ZJbPQY9RyTUI-HDVdLTv7JBLI1hh1Exs4wBwBV6xsAEicPT1L0D4AQBkgUECAQYAZIFBAgFGASgBgKAB8ytwL4CqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEIvyGdIIBwiAYRABGB2ACgHICwHYEw2yFxoKGAgAEhRwdWItOTUxNzgzODk1Mzk2ODk5MA&sigh=X2-En5Go4ws&tpd=AGWhJmuCQff3F3sEnl_K5rz48xOyzJaYNDNmk5DUjWctkZNN4w
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 600B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f3d967417d777c22af51304d6f11a652da4c3fe1aa553ba65baf8b67ac25256

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
i99g3gee_content_config_1617305079343.js
dkpklk99llpj0.cloudfront.net/ 		741 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dkpklk99llpj0.cloudfront.net/i99g3gee_content_config_1617305079343.js
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:4800:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5986af015b65afced1df1e2b5920c55790f2da55a963154befd162a13f981cf

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 19:31:19 GMT
via
1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
last-modified
Thu, 01 Apr 2021 19:24:40 GMT
server
AmazonS3
age
933283
etag
"08b2ce75b37089d3f59ec03fb7e4b900"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
741
x-amz-cf-id
tLtF41uP1_uy4ClOUqn9ZlUzbLv6yns_LmCZ_UNv8t_p1fkLkcevmA==
i99g3gee_1606137453919.js
dkpklk99llpj0.cloudfront.net/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:4800:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 14:53:53 GMT
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 13:17:46 GMT
server
AmazonS3
age
5010729
etag
W/"c1157a2d0ff0aa862fb2fbffb06ab4d1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
2DW-tTYRBStGUx0sP2o5G4nzCB3rJDM05MsZ0WE4dhLa7hd1E7lHvw==
v2
de.tynt.com/deb/ 		4 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=a9JORiXIKr5BlZrkHcnnVW&dn=RCIV&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.183 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip183.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 26 Jul 1997 05:00:00 GMT
AGSKWxXGojzCL2OIZx9IAiNwHYM4alIJ4b8mYB3UyLknfwcAgh_HZU1dfsWnmMr6l2v8fMec9sZTApqo1Zw5GaHqegb4VTJcz7KhYimdM0lACPAGb0x-rzZE0OUjfjWgjKUf9_oKcbatVDIaq71WTZXiCPBfLw6xJuwmg16IU92xu-z82eGETz-BF4_4NjQ=
fundingchoicesmessages.google.com/l/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxXGojzCL2OIZx9IAiNwHYM4alIJ4b8mYB3UyLknfwcAgh_HZU1dfsWnmMr6l2v8fMec9sZTApqo1Zw5GaHqegb4VTJcz7KhYimdM0lACPAGb0x-rzZE0OUjfjWgjKUf9_oKcbatVDIaq71WTZXiCPBfLw6xJuwmg16IU92xu-z82eGETz-BF4_4NjQ=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.nIoeUb6UopE.es5.O/d=1/ct=zgms/rs=AJlcJMwwdckUmb2Cr8erRi29UZYlyoT5wg/m=cookie_refresh
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZCyzcH4PQXYUqvEk8rmyJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ZCyzcH4PQXYUqvEk8rmyJA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-ZCyzcH4PQXYUqvEk8rmyJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ZCyzcH4PQXYUqvEk8rmyJA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXGojzCL2OIZx9IAiNwHYM4alIJ4b8mYB3UyLknfwcAgh_HZU1dfsWnmMr6l2v8fMec9sZTApqo1Zw5GaHqegb4VTJcz7KhYimdM0lACPAGb0x-rzZE0OUjfjWgjKUf9_oKcbatVDIaq71WTZXiCPBfLw6xJuwmg16IU92xu-z82eGETz-BF4_4NjQ=
fundingchoicesmessages.google.com/l/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxXGojzCL2OIZx9IAiNwHYM4alIJ4b8mYB3UyLknfwcAgh_HZU1dfsWnmMr6l2v8fMec9sZTApqo1Zw5GaHqegb4VTJcz7KhYimdM0lACPAGb0x-rzZE0OUjfjWgjKUf9_oKcbatVDIaq71WTZXiCPBfLw6xJuwmg16IU92xu-z82eGETz-BF4_4NjQ=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.nIoeUb6UopE.es5.O/d=1/ct=zgms/rs=AJlcJMwwdckUmb2Cr8erRi29UZYlyoT5wg/m=cookie_refresh
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-23Svp5iMMgrdfTeg4AbR/A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-23Svp5iMMgrdfTeg4AbR/A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-23Svp5iMMgrdfTeg4AbR/A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-23Svp5iMMgrdfTeg4AbR/A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
sic.js
cdn-sic.33across.com/1/javascripts/ Frame B5D0 		404 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-49c6f47-a8e4a288.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
1de0329efc2318d33d0465562faa725975a514327d7c5e01b23e45d9501cb494

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 05 Apr 2021 16:50:31 GMT
server
cloudflare
age
508737
x-powered-by
Love
etag
W/"606b3fd7-65149"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
63ed3de74c7fcc46-ZRH
cf-request-id
09682504900000cc461d3a2000000001
expires
Mon, 12 Apr 2021 15:46:02 GMT
/
www.facebook.com/tr/ 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryPNglFnds6evCnxA6

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Mon, 12 Apr 2021 14:46:02 GMT
content-type
text/plain
access-control-allow-origin
https://thetandd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame A237
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 12 Apr 2021 14:46:02 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
11896457697636447411
tpc.googlesyndication.com/daca_images/simgad/ Frame A237 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/11896457697636447411
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3b972009072e66017f4e26bd865460d9d66fd602b7ed498d4e79f0e7db7f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 06:47:51 GMT
x-content-type-options
nosniff
age
547091
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25739
x-xss-protection
0
last-modified
Mon, 08 Mar 2021 18:34:11 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 06:47:51 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A237 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
548
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 13 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A237 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
59337
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 12 Apr 2021 22:17:05 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 600B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 12 Apr 2021 14:46:02 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
um
cs.emxdgt.com/ Frame 4CA2 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:02 GMT
content-length
0
content-type
text/html
RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003
sync.targeting.unrulymedia.com/csync/ Frame 4CA2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7590998347
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7590998347
  • https://sync.1rx.io/usersync/tradedesk/cebea4dd-aa17-47ff-bb31-4ffffaeed072
  • https://sync.1rx.io/usersync/tradedesk/cebea4dd-aa17-47ff-bb31-4ffffaeed072?zcc=1&dspret=0&cb=1618238762900
  • https://sync.targeting.unrulymedia.com/csync/RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.147.151 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:06 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:03 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
amzns2s
rtb.gumgum.com/usync/ Frame 5D14 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4919a87e9b6050a2c1eaafd7bd612072a9f8b288198ff334aa61f763c3701c0d

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:02 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_1d26cea6-a4e2-4bd0-b13d-0f03c372ec92; Domain=.gumgum.com; Expires=Tue, 12-Apr-2022 14:46:02 GMT; Path=/; Secure; SameSite=None
etag
W/"05300bfef7a24f2f9199e1761ee8990f9"
timing-allow-origin
*
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8732 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=19430
Expires
Mon, 12 Apr 2021 20:09:52 GMT
Date
Mon, 12 Apr 2021 14:46:02 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5357 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Apr 2021 14:46:02 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 191D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-oPE7fGR1l2MFBGHHlLi637mHCRG5o9k-&
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-oPE7fGR1l2MFBGHHlLi637mHCRG5o9k-&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5sBmXO0p0ISrzhFPJWn668; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 12 Apr 2021 14:46:02 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Date
Mon, 12 Apr 2021 14:46:02 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18y4~1xj2;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Wed, 13-Apr-2022 14:46:02 GMT;Secure;SameSite=None A3=d=AQABBCpddGACEED_uWH9QutgBO0VoaT9Dv8FEgEBAQGudWB-YAAAAAAA_SMAAA&S=AQAAAlzezXBdlv2rpJ0rG6DFHIA; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=fu3ntkhg78n9a&b=3&s=n4; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-oPE7fGR1l2MFBGHHlLi637mHCRG5o9k-&
Age
0
Connection
keep-alive
Server
ATS/7.1.2.128
cm
u.openx.net/w/1.0/ Frame 9491
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...
628 B
725 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.2 /
Resource Hash
ef695bc65d0af62aaa445e6190c1adb80d8caaa48d910fabc546074a27186fbd

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=11baac6c-1571-059f-396a-731478459116|1618238762
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=11baac6c-1571-059f-396a-731478459116|1618238762; Version=1; Expires=Tue, 12-Apr-2022 14:46:02 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618238762|gen0vNiygu; Version=1; Expires=Tue, 27-Apr-2021 14:46:02 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 12 Apr 2021 14:46:02 GMT
content-type
text/html
content-length
393
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=11baac6c-1571-059f-396a-731478459116|1618238762; Version=1; Expires=Tue, 12-Apr-2022 14:46:02 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.2
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
date
Mon, 12 Apr 2021 14:46:02 GMT
content-length
0
via
1.1 google
alt-svc
clear
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CA81
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=3379688932302077392&ex=districtm
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=3379688932302077392&ex=districtm
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5sBmXO0p0ISrzhFPJWn668; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 12 Apr 2021 14:46:02 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Mon, 12 Apr 2021 14:46:02 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=3379688932302077392&ex=districtm
AN-X-Request-Uuid
61095ae2-1edc-497f-b142-45d5f4fa0e37
Set-Cookie
uuid2=3379688932302077392; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 11-Jul-2021 14:46:02 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.155:80
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 796C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=2
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4228973117919614511
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4228973117919614511
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5sBmXO0p0ISrzhFPJWn668; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 12 Apr 2021 14:46:02 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Mon, 12 Apr 2021 14:46:02 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4228973117919614511
set-cookie
pid=4228973117919614511; expires=Fri, 13 May 2022 14:45:02 GMT; domain=smartadserver.com; path=/; samesite=None; secure; samesite=none
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D4C5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7769385388755896664&ex=appnexus.com
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7769385388755896664&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5sBmXO0p0ISrzhFPJWn668; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 12 Apr 2021 14:46:02 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Mon, 12 Apr 2021 14:46:02 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7769385388755896664&ex=appnexus.com
AN-X-Request-Uuid
4e2942ac-f98e-4a48-b683-b5b9c32b1096
Set-Cookie
uuid2=7769385388755896664; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 11-Jul-2021 14:46:02 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.250:80
Cookie set amazon
ap.lijit.com/beacon/ Frame 0EE5
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
d1443b0add223e48ea905e4ac594b20165ab5f241ec66e5fce39b77730b201cd

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=614e00ba770641c99d071dcb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 14:46:02 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJyrVjIzU7IyNDO0NDGxMDYz0lGyMEblG6HxTdHUG0H4FkYWhpZmRrUAna8Qag%3D%3D;Path=/;Domain=.lijit.com;Expires=Tue, 12-Apr-2022 14:46:02 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=614e00ba770641c99d071dcb;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap6ewr1

Redirect headers

Server
nginx
Date
Mon, 12 Apr 2021 14:46:02 GMT
Content-Length
0
Set-Cookie
ljt_reader=614e00ba770641c99d071dcb;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ewr1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6512
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=6784892783565280337
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=6784892783565280337
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5sBmXO0p0ISrzhFPJWn668; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 12 Apr 2021 14:46:02 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Mon, 12 Apr 2021 14:46:02 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=6784892783565280337
set-cookie
tluid=6784892783565280337; Max-Age=7776000; Expires=Sun, 11 Jul 2021 14:46:02 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
v2
de.tynt.com/deb/ 		4 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&id=a9JORiXIKr5BlZrkHcnnVW&dn=RCIV&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.183 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip183.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:01 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 26 Jul 1997 05:00:00 GMT
14000038848564449166
tpc.googlesyndication.com/simgad/ Frame 600B 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14000038848564449166?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlURejMLkUo2AkWcI6uxA79l6ToDw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fa2af707030ba4bef85e450f06c59dcb386e5091cd04aa6e06b56e8bd1cceb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:28:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 08:03:26 GMT
server
sffe
age
562641
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27880
x-xss-protection
0
expires
Wed, 06 Apr 2022 02:28:41 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 600B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
548
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 13 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 600B 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
59337
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 12 Apr 2021 22:17:05 GMT
/
am.freshrelevance.com/tpc/ Frame B172 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am.freshrelevance.com/tpc/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.87.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
afa2402b39934294e891a49978c1227cca1667c7e4431866077b0db5707c29a5

Request headers

:method
GET
:authority
am.freshrelevance.com
:scheme
https
:path
/tpc/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thetandd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://thetandd.com/

Response headers

date
Mon, 12 Apr 2021 14:46:02 GMT
content-length
4662
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
view
securepubads.g.doubleclick.net/pcs/ Frame B5D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7iAfZAbA-EbvoVRwht9C4XhAf9V4B32qSw1UoGmZh4dpBOkh5hefV82t35ELItdL5-MzMT52FIaK9F8r-XWMrGY02BReUvqYY7IIistTp6ZYZnrlyH2zceSvraM9LXnTzUcoLGVJLjAxoNHOd73JiQeUkRrPk7nUvroOXn_M99t88YHKsmJ2xXy_5tAzvWRgqQPTzb6Ye3PBiSuLLXxVNMr_YGZgqS-C3b_jLetMDA4sX1u9nn-_O9n4duZF1UUpUs0Ip74sxx3k40fU16eCa-3eQrqDqwJo44OEmpP60cVbeE-Tm&sig=Cg0ArKJSzKny55KZrmwrEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:46:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 12 Apr 2021 14:46:02 GMT
sic.css
cdn-sic.33across.com/1/stylesheets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 05 Apr 2021 16:50:31 GMT
server
cloudflare
age
508735
x-powered-by
Love
etag
W/"606b3fd7-1c90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
63ed3dea8a2acc46-ZRH
cf-request-id
096825069a0000cc463b2da000000001
expires
Mon, 12 Apr 2021 15:46:02 GMT
ast.js
acdn.adnxs.com/ast/ Frame 8931 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
1ffb3eb67476de4a642893eefb2ffd33e62c7474808fc21438d5a961cd4982f6

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:02 GMT
Content-Encoding
gzip
Age
85697
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
30966
X-Served-By
cache-lga21967-LGA, cache-hhn4039-HHN
Access-Control-Allow-Origin
*
Last-Modified
Tue, 09 Feb 2021 14:55:39 GMT
Server
nginx/1.13.10
X-Timer
S1618238763.737547,VS0,VE0
ETag
W/"6022a26b-15c8c"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 10 Feb 2021 14:55:43 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 123220
apstag.js
c.amazon-adsystem.com/aax2/ Frame 1C29 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
Server /
Resource Hash
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GYObFiYQFsAPpwZjonnhqGiTvSP1inUf
content-encoding
gzip
server
Server
age
59674
etag
9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a69bfd4d39a9b992855d914318a2c367.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
date
Sun, 11 Apr 2021 22:11:28 GMT
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
dduWgCmiPeB5QpyXH93txaEXtanyPQg5R3g47xHepM4Wt00dcSmHFA==
authorize
sic.33across.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sic.33across.com/authorize?usPrivacy=&version=3.16.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&product=inview&userId=&sessionId=&publisherURL=https%3A%2F%2Fthetandd.com%2F&referrerURL=&publisherId=a9JORiXIKr5BlZrkHcnnVW&publisher=lee728.net&maxTouchPoints=0&navigatorPropsCount=56&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=5560&_=1618238762644&callback=_tynt_jp.afk5tutsd
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-110.static.steadfastdns.net
Software
/ Love
Resource Hash
91e513f8aebd9362d283abe1b3b375e5f1cb6dbb95747bcb00f2ea4c179c49de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-powered-by
Love
etag
W/"631-MT6huolFUtHhzzgdkxrgDj0WaaQ"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-origin
*
access-control-allow-credentials
true
content-type
text/javascript; charset=utf-8
access-control-allow-headers
X-Requested-With, Authorization
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8C8D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=137927
Expires
Wed, 14 Apr 2021 05:04:49 GMT
Date
Mon, 12 Apr 2021 14:46:02 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 5357 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2a9919dba758e9c6b34949c20ea05be4ec312381d469584837a21f244e1b536c

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 23:26:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81204
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9419
Expires
Tue, 13 Apr 2021 13:19:26 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9491 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=9ac0ef48-a05c-8192-a3b2-396b7451690b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:02 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9491
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=L7rEGyzuwU406MAXe-_eHSC_lh80vsAdKrjqDJpZ
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=L7rEGyzuwU406MAXe-_eHSC_lh80vsAdKrjqDJpZ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:02 GMT
via
1.1 google
server
OXGW/16.205.2
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=L7rEGyzuwU406MAXe-_eHSC_lh80vsAdKrjqDJpZ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9491
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=510790275478677492
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=510790275478677492
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=510790275478677492
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
via
1.1 google
server
OXGW/16.205.2
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=510790275478677492
date
Mon, 12 Apr 2021 14:46:02 GMT
via
1.1 google
server
OXGW/16.205.2
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
openx
match.adsrvr.org/track/cmf/ Frame 9491 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c2169335-bcf6-3a68-63bc-bbfc1c62a2eb&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.90.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9491 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWU3OTQwZmYtNzU4MS02NGNjLTc2NWMtZTE0NWQ2ODA2Yzhi
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9491
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE484n8foz-BSQ_-nKo0PIc&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE484n8foz-BSQ_-nKo0PIc&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:02 GMT
via
1.1 google
server
OXGW/16.205.2
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE484n8foz-BSQ_-nKo0PIc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 5D14
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7769385388755896664
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7769385388755896664
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:02 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.149:80
AN-X-Request-Uuid
cca97e39-ee72-4bc9-80db-d017b32c88f6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7769385388755896664
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 5D14
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_1d26cea6-a4e2-4bd0-b13d-0f03c372ec92&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_1d26cea6-a4e2-4bd0-b13d-0f03c372ec92&gdpr=&gdpr_consent=&us_privacy=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=75440d69-d0e7-41e7-bdf7-eb28d4b43ee6
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=75440d69-d0e7-41e7-bdf7-eb28d4b43ee6
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=c41f1362-3fa9-4310-9b5e-3359dd8d0156&ssp=gumgum2&expires=30&user_group=5&bsw_param=75440d69-d0e7-41e7-bdf7-eb28d4b43ee6
  • https://rtb.gumgum.com/usersync?b=bsw&i=d381be2d-4deb-44a8-b3af-fabaa8abb167
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=d381be2d-4deb-44a8-b3af-fabaa8abb167
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=d381be2d-4deb-44a8-b3af-fabaa8abb167
date
Mon, 12 Apr 2021 14:46:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame 5D14
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28oYCZlwvfKi8WyYRJQWcoyasstL0ZAm8N08_Fy1V2DHHirRr0Fv0DyqdJHPiyLeEQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28oYCZlwvfKi8WyYRJQWcoyasstL0ZAm8N08_Fy1V2DHHirRr0Fv0DyqdJHPiyLeEQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28oYCZlwvfKi8WyYRJQWcoyasstL0ZAm8N08_Fy1V2DHHirRr0Fv0DyqdJHPiyLeEQ%29
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28oYCZlwvfKi8WyYRJQWcoyasstL0ZAm8N08_Fy1V2DHHirRr0Fv0DyqdJHPiyLeEQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28oYCZlwvfKi8WyYRJQWcoyasstL0ZAm8N08_Fy1V2DHHirRr0Fv0DyqdJHPiyLeEQ%29
Date
Mon, 12 Apr 2021 14:46:03 GMT
Connection
close
X-TraceId
fb80ee9411dc5d3879ea5c48af245bc7
Content-Length
0
usersync
rtb.gumgum.com/ Frame 5D14
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=352b3745-94e3-023e-04c7-ab11d432a3ad
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=352b3745-94e3-023e-04c7-ab11d432a3ad
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:02 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 12 Apr 2021 14:46:02 GMT
content-encoding
gzip
server
OXGW/16.205.2
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=352b3745-94e3-023e-04c7-ab11d432a3ad
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 5D14
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-4251fe87-982f-4bb9-767d-be8eaa14d90b$ip$185.156.175.107
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-4251fe87-982f-4bb9-767d-be8eaa14d90b$ip$185.156.175.107
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:06 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-4251fe87-982f-4bb9-767d-be8eaa14d90b$ip$185.156.175.107
Date
Mon, 12 Apr 2021 14:46:06 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 5D14
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-uR4EXmBE2pdzoKFJGGBWZHWBGp7RpRG74nRf~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-uR4EXmBE2pdzoKFJGGBWZHWBGp7RpRG74nRf~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 12 Apr 2021 14:46:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-uR4EXmBE2pdzoKFJGGBWZHWBGp7RpRG74nRf~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 5D14
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=cde85ccb-9b9d-11eb-92c8-493c66029fd8
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=cde85ccb-9b9d-11eb-92c8-493c66029fd8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=cde85ccb-9b9d-11eb-92c8-493c66029fd8
Date
Mon, 12 Apr 2021 14:46:02 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
cde85ccc-9b9d-11eb-92c8-493c66029fd8
services
sync.technoratimedia.com/ Frame 5D14 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:03 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
955252244
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 5D14 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:03 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame 5D14
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1d26cea6-a4e2-4bd0-b13d-0f03c372ec92&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:04 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
67
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 5D14
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=64a58cb9-e899-4b34-884d-7757ed49c16e
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=64a58cb9-e899-4b34-884d-7757ed49c16e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=64a58cb9-e899-4b34-884d-7757ed49c16e
date
Mon, 12 Apr 2021 14:46:03 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003
sync.targeting.unrulymedia.com/csync/ Frame 5D14
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003&rndcb=2241121127
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=d381be2d-4deb-44a8-b3af-fabaa8abb167&google_hm=ZDM4MWJlMmQtNGRlYi00NGE4LWIzYWYtZmFiYWE4YWJi...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOtorA0qe7Q2KA1RWvlv58M&google_cver=1&ssp=adconductor&bsw_param=d381be2d-4deb-44a8-b3af-fabaa8abb167
  • https://sync.1rx.io/usersync/bidswitch/d381be2d-4deb-44a8-b3af-fabaa8abb167?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.147.151 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:06 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:03 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
usersync
rtb.gumgum.com/ Frame 5D14
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=MN7tsub6Fpln&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=MN7tsub6Fpln&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:07 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=MN7tsub6Fpln&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-wtc75
expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5D14 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_1d26cea6-a4e2-4bd0-b13d-0f03c372ec92
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:03 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame EB7B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=a4a86074-5d2a-4400-b2c0-b7c48c9f9501&gdpr=&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=a4a86074-5d2a-4400-b2c0-b7c48c9f9501&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=a4a86074-5d2a-4400-b2c0-b7c48c9f9501&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 12 Apr 2021 14:46:03 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 12 Apr 2021 14:45:57 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3660 495c301 master zrh-pixel-x27
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=a4a86074-5d2a-4400-b2c0-b7c48c9f9501; domain=.mathtag.com; path=/; expires=Tue, 10-May-2022 14:46:02 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=a4a86074-5d2a-4400-b2c0-b7c48c9f9501&gdpr=&gdpr_consent=
Expires
Mon, 12 Apr 2021 14:45:56 GMT
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 90C9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YHRdLQAAI6D-TgA0
85 B
161 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YHRdLQAAI6D-TgA0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method
GET
:authority
sync-tm.everesttech.net
:scheme
https
:path
/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YHRdLQAAI6D-TgA0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
everest_g_v2=g_surferid~YHRdLQAAFppV2ABQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Mon, 12 Apr 2021 14:46:05 GMT
via
1.1 varnish
age
2993
x-served-by
cache-fra19138-FRA
x-cache
HIT
x-cache-hits
13786
x-timer
S1618238766.532831,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
85

Redirect headers

p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
set-cookie
everest_g_v2=g_surferid~YHRdLQAAI6D-TgA0; Path=/; Domain=.everesttech.net; Expires=Tue, 12-Apr-2022 14:46:05 GMT; Max-Age=31536000;SameSite=None;Secure
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YHRdLQAAI6D-TgA0
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Mon, 12 Apr 2021 14:46:05 GMT
via
1.1 varnish
x-served-by
cache-fra19138-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1618238765.408793,VS0,VE89
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1FC5 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xZDI2Y2VhNi1hNGUyLTRiZDAtYjEzZC0wZjAzYzM3MmVjOTI=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV8xZDI2Y2VhNi1hNGUyLTRiZDAtYjEzZC0wZjAzYzM3MmVjOTI=&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmlyGnw4dqWdgwrWqglRIfQo9gPe0uVFGC7-kxYRZC3bicoh0jjaXNuPp4tWlc; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Mon, 12 Apr 2021 14:46:02 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E485 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=19430
Expires
Mon, 12 Apr 2021 20:09:52 GMT
Date
Mon, 12 Apr 2021 14:46:02 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame BFAD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=cebea4dd-aa17-47ff-bb31-4ffffaeed072&t=1620830762
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=cebea4dd-aa17-47ff-bb31-4ffffaeed072&t=1620830762
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=cebea4dd-aa17-47ff-bb31-4ffffaeed072&t=1620830762
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_1d26cea6-a4e2-4bd0-b13d-0f03c372ec92
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 12 Apr 2021 14:46:02 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 12 Apr 2021 14:46:02 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=cebea4dd-aa17-47ff-bb31-4ffffaeed072&t=1620830762
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=cebea4dd-aa17-47ff-bb31-4ffffaeed072; domain=.adsrvr.org; expires=Tue, 12-Apr-2022 14:46:02 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwjEs-nPjfO-ORAFOAE.; domain=.adsrvr.org; expires=Tue, 12-Apr-2022 14:46:02 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame E95C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Mon, 12 Apr 2021 14:46:02 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame A8D4
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YHRdLMCo8ZUAAF4QTFUAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YHRdLMCo8ZUAAF4QTFUAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YHRdLMCo8ZUAAF4QTFUAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 12 Apr 2021 14:46:04 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 12 Apr 2021 14:46:04 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YHRdLMCo8ZUAAF4QTFUAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YHRdLMCo8ZUAAF4QTFUAAAAA; path=/; expires=Wed, 12-Apr-23 14:46:04 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
20
X-SO-HostName
a-ad40014.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng49.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":49,"gdpr":false,"ipv4":"185.156.175.107","key":"YHRdLMCo8ZUAAF4QTFUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40014"}
X-SO-Key
YHRdLMCo8ZUAAF4QTFUAAAAA
X-SO-IP
185.156.175.107
X-SO-Cluster-ID
49
X-SO-Upstream-ID
a-ad40014
usersync
rtb.gumgum.com/ Frame E37A
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=2159827870144492042
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=2159827870144492042
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=2159827870144492042
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 12 Apr 2021 14:46:03 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 12 Apr 2021 14:46:03 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAFslxmtoZmhhZGxhbmZsYWEAALTvJG8QAAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 7 May 2022 14:46:03 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzA0MTGxNDIwMRLiM9T1D6hMtMjxLkkLzA-T4jU0M7QwMrYwNzO2sDAAACLW0O80AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 7 May 2022 14:46:03 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzA0MTGxNDIwMRLiM9T1D6hMtMjxLkkLzA8DAPck-oglAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=2159827870144492042
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame E0FC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=cXd043r9gBI5ExKLi3r4&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=cXd043r9gBI5ExKLi3r4&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=cXd043r9gBI5ExKLi3r4&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 12 Apr 2021 14:46:03 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 12 Apr 2021 14:46:03 GMT Mon, 12 Apr 2021 14:46:03 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=cXd043r9gBI5ExKLi3r4&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 1C29 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 19:17:20 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
70123
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 445645406967c3b88124f0bfd26a1030.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
xjnavSiPldAKUzQFcFhxL6mGzi1zwbzlb318CDY2imfIqTOkqfH24Q==
PugMaster
image6.pubmatic.com/AdServer/ Frame 8C8D 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=25817907&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bfb7c1c05ebbab46a26ee41585114b47acb2b9268217bb556c800ac9c10d67fc

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:01 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5FF7 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=137927
Expires
Wed, 14 Apr 2021 05:04:49 GMT
Date
Mon, 12 Apr 2021 14:46:02 GMT
Connection
keep-alive
Vary
Accept-Encoding
khaos.jpg
token.rubiconproject.com/ Frame 5357 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
get
am.freshrelevance.com/ 		1 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am.freshrelevance.com/get?data=%7B%22type%22%3A%22heartbeat%22%2C%22data%22%3A%7B%22c%22%3A%22gisv7pksfk%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22w%22%3A%22i99g3gee%22%7D%7D
Requested by
Host: dkpklk99llpj0.cloudfront.net
URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.87.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 12 Apr 2021 14:46:06 GMT
content-type
text/plain; charset=utf-8
usersync.aspx
dis.criteo.com/dis/ Frame 543C 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=25817907&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Mon, 12 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1295
x-powered-by
ASP.NET
date
Mon, 12 Apr 2021 14:46:02 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame BE17
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8632558477689808783
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8632558477689808783
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=25817907&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_57=22776-3148030127967200618; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEG4SaQDO9ZWs1Fevn-HO7YY&KRTB&22987-CAESEG4SaQDO9ZWs1Fevn-HO7YY&KRTB&23025-CAESEG4SaQDO9ZWs1Fevn-HO7YY; KRTBCOOKIE_153=1923-HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8&KRTB&19420-HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8&KRTB&22979-HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8; KRTBCOOKIE_188=3189-1f547421-ceda-4bd9-99b2-c4e71189d36c-60745d2c-4348; KRTBCOOKIE_218=22978-YHRdLQAAFppV2ABQ&KRTB&23194-YHRdLQAAFppV2ABQ&KRTB&23209-YHRdLQAAFppV2ABQ&KRTB&23244-YHRdLQAAFppV2ABQ; KRTBCOOKIE_1101=23040-6950282577090246797; PugT=1618238766; KRTBCOOKIE_409=22966-yqhJN4Z7LycL2D3493WzWoTW
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 14:46:06 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-8632558477689808783; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 14:46:06 GMT; path=/ PugT=1618238766; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 14:46:06 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 14:46:06 GMT; path=/
X-lat
lhrpug002:0:563
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8632558477689808783
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 0893
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUFFVN0E2TG9BQUNsQ0RkQ0dlUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUFFVN0E2TG9BQUNsQ0RkQ0dlUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADPQU7A6LoAAClCDdCGeQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADPQU7A6LoAAClCDdCGeQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADPQU7A6LoAAClCDdCGeQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2775234367348692613
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADPQU7A6LoAAClCDdCGeQ
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADPQU7A6LoAAClCDdCGeQ
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=25817907&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_57=22776-3148030127967200618; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEG4SaQDO9ZWs1Fevn-HO7YY&KRTB&22987-CAESEG4SaQDO9ZWs1Fevn-HO7YY&KRTB&23025-CAESEG4SaQDO9ZWs1Fevn-HO7YY; KRTBCOOKIE_153=1923-HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8&KRTB&19420-HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8&KRTB&22979-HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8; KRTBCOOKIE_188=3189-1f547421-ceda-4bd9-99b2-c4e71189d36c-60745d2c-4348; KRTBCOOKIE_218=22978-YHRdLQAAFppV2ABQ&KRTB&23194-YHRdLQAAFppV2ABQ&KRTB&23209-YHRdLQAAFppV2ABQ&KRTB&23244-YHRdLQAAFppV2ABQ; KRTBCOOKIE_1101=23040-6950282577090246797; PugT=1618238766; KRTBCOOKIE_409=22966-yqhJN4Z7LycL2D3493WzWoTW; KRTBCOOKIE_336=5844-8632558477689808783
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 14:46:08 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AADPQU7A6LoAAClCDdCGeQ; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 14:46:08 GMT; path=/ PugT=1618238768; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 14:46:08 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 14:46:08 GMT; path=/
X-lat
lhrpug007:0:541
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Mon, 12 Apr 2021 14:46:08 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADPQU7A6LoAAClCDdCGeQ
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 66C1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950282577090246797
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950282577090246797
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=25817907&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_57=22776-3148030127967200618; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEG4SaQDO9ZWs1Fevn-HO7YY&KRTB&22987-CAESEG4SaQDO9ZWs1Fevn-HO7YY&KRTB&23025-CAESEG4SaQDO9ZWs1Fevn-HO7YY; KRTBCOOKIE_153=1923-HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8&KRTB&19420-HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8&KRTB&22979-HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8; PugT=1618238765; KRTBCOOKIE_188=3189-1f547421-ceda-4bd9-99b2-c4e71189d36c-60745d2c-4348; KRTBCOOKIE_218=22978-YHRdLQAAFppV2ABQ&KRTB&23194-YHRdLQAAFppV2ABQ&KRTB&23209-YHRdLQAAFppV2ABQ&KRTB&23244-YHRdLQAAFppV2ABQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 14:46:06 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6950282577090246797; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 14:46:06 GMT; path=/ PugT=1618238766; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 14:46:06 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 14:46:06 GMT; path=/
X-lat
lhrpug013:0:414
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 12 Apr 2021 14:46:06 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6950282577090246797; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950282577090246797
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 8BE0
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yqhJN4Z7LycL2D3493WzWoTW
42 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yqhJN4Z7LycL2D3493WzWoTW
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=25817907&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_57=22776-3148030127967200618; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEG4SaQDO9ZWs1Fevn-HO7YY&KRTB&22987-CAESEG4SaQDO9ZWs1Fevn-HO7YY&KRTB&23025-CAESEG4SaQDO9ZWs1Fevn-HO7YY; KRTBCOOKIE_153=1923-HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8&KRTB&19420-HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8&KRTB&22979-HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8; KRTBCOOKIE_188=3189-1f547421-ceda-4bd9-99b2-c4e71189d36c-60745d2c-4348; KRTBCOOKIE_218=22978-YHRdLQAAFppV2ABQ&KRTB&23194-YHRdLQAAFppV2ABQ&KRTB&23209-YHRdLQAAFppV2ABQ&KRTB&23244-YHRdLQAAFppV2ABQ; KRTBCOOKIE_1101=23040-6950282577090246797; PugT=1618238766
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 14:46:06 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-yqhJN4Z7LycL2D3493WzWoTW; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 14:46:06 GMT; path=/ PugT=1618238766; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 14:46:06 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 14:46:06 GMT; path=/
X-lat
lhrpug010:0:536
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Mon, 12 Apr 2021 14:46:06 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=yqhJN4Z7LycL2D3493WzWoTW; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yqhJN4Z7LycL2D3493WzWoTW
strict-transport-security
max-age=0; includeSubDomains;
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3C3A 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Mon, 12 Apr 2021 14:46:02 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8C8D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XfBjPcDFTWmtIxMusijy1Q%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XfBjPcDFTWmtIxMusijy1Q%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=19429
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Mon, 12 Apr 2021 20:09:52 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 8C8D 		95 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=5DF0633D-C0C5-4D69-AD23-132EB228F2D5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
63ed3decbf284ee5-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09682507f100004ee50cb8f000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 8C8D
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&sInitiator=external&gdpr=0&gdpr_consent=
42 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
uip-response-status
FallbackResponse
date
Mon, 12 Apr 2021 14:46:08 GMT
frontend-id
15
content-length
42
routing-server-id
-1
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:08 GMT
frontend-id
2
location
/pubmatic/1/info2?sType=sync&sExtCookieId=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 8C8D
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:10 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Mon, 12 Apr 2021 14:46:10 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
simage2.pubmatic.com/AdServer/ Frame 8C8D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=745b2dd7-cd87-48f1-9bdc-a9322ad5a237
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=745b2dd7-cd87-48f1-9bdc-a9322ad5a237
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:04 GMT
X-lat
lhrpug019:0:407
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=745b2dd7-cd87-48f1-9bdc-a9322ad5a237
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 8C8D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG4SaQDO9ZWs1Fevn-HO7YY&google_cver=1
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG4SaQDO9ZWs1Fevn-HO7YY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:04 GMT
X-lat
lhrpug015:0:1000
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG4SaQDO9ZWs1Fevn-HO7YY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8C8D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=510790275478677492
42 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=510790275478677492
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:04 GMT
X-lat
lhrpug018:0:410
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:02 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=510790275478677492
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 8C8D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:73346074-5d2a-4d00-87b6-ed527a72b28d&gdpr=0&gdpr_consent=
42 B
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:73346074-5d2a-4d00-87b6-ed527a72b28d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:04 GMT
X-lat
lhrpug008:0:2637
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Mon, 12 Apr 2021 14:45:57 GMT
Server
MT3 3660 495c301 master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:73346074-5d2a-4d00-87b6-ed527a72b28d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Apr 2021 14:45:56 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8C8D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3148030127967200618&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3148030127967200618&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:04 GMT
X-lat
lhrpug014:0:436
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:03 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.121:80
AN-X-Request-Uuid
685267f3-7e76-444f-871e-d313ebacaa73
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3148030127967200618&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8C8D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ba362b9e-f037-45d0-8d87-2a9076a061da
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ba362b9e-f037-45d0-8d87-2a9076a061da
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=7b942943-cb76-435a-a822-4246240e01f8&user_group=1&ssp=pubmatic&bsw_param=ba362b9e-f037-45d0-8d87-2a9076a061da
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=23&expires=14&user_id=7b942943-cb76-435a-a822-4246240e01f8&user_group=1&ssp=pubmatic&bsw_param=ba362b9e-f037-45d0-8d87-2a9076a061da
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9b1a8722-a16b-41db-b6f2-bfcdcc68cb56&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9b1a8722-a16b-41db-b6f2-bfcdcc68cb56&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:10 GMT
X-lat
lhrpug014:0:429
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9b1a8722-a16b-41db-b6f2-bfcdcc68cb56&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 12 Apr 2021 14:46:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
5DF0633D-C0C5-4D69-AD23-132EB228F2D5
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8C8D 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/5DF0633D-C0C5-4D69-AD23-132EB228F2D5?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8C8D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-FQrZA9dE2uXA7w.BCtzcK4Lpd.uGTS4-~A&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-FQrZA9dE2uXA7w.BCtzcK4Lpd.uGTS4-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Mon, 12 Apr 2021 14:46:09 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Mon, 12 Apr 2021 14:46:03 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-FQrZA9dE2uXA7w.BCtzcK4Lpd.uGTS4-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 8C8D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:05 GMT
X-lat
lhrpug018:0:475
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HBMU4x9HEbUHEkK0TEcO4RJAE-8HEBHkThXtuJo8
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8C8D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4179163076408288839&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4179163076408288839&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:04 GMT
X-lat
lhrpug009:0:420
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4179163076408288839&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 8C8D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHRdLQAAFppV2ABQ&gdpr=0&gdpr_consent=&_test=YHRdLQAAFppV2ABQ
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHRdLQAAFppV2ABQ&gdpr=0&gdpr_consent=&_test=YHRdLQAAFppV2ABQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:05 GMT
X-lat
lhrpug020:0:393
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618238766.532779,VS0,VE0
x-served-by
cache-fra19138-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHRdLQAAFppV2ABQ&gdpr=0&gdpr_consent=&_test=YHRdLQAAFppV2ABQ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 8C8D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=1f547421-ceda-4bd9-99b2-c4e71189d36c-60745d2c-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=1f547421-ceda-4bd9-99b2-c4e71189d36c-60745d2c-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:05 GMT
X-lat
lhrpug008:0:622
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=1f547421-ceda-4bd9-99b2-c4e71189d36c-60745d2c-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8C8D
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7c0dcf46-5bc8-4e6c-af82-d963e0a18262&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7c0dcf46-5bc8-4e6c-af82-d963e0a18262&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:06 GMT
X-lat
lhrpug008:0:473
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7c0dcf46-5bc8-4e6c-af82-d963e0a18262&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 12 Apr 2021 14:46:05 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 8C8D 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=5DF0633D-C0C5-4D69-AD23-132EB228F2D5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pubmatic
um.simpli.fi/ Frame 8C8D 		43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 11 Apr 2021 14:46:05 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0EE5 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=614e00ba770641c99d071dcb&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:03 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 0EE5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=fmx&bds_param=d381be2d-4deb-44a8-b3af-fabaa8abb167
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=151099de-33d1-4d17-974f-5dd24fbe5ebf&expires=10&ssp=fmx&bsw_param=d381be2d-4deb-44a8-b3af-fabaa8abb167
  • https://ce.lijit.com/merge?pid=26&3pid=d381be2d-4deb-44a8-b3af-fabaa8abb167
43 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=d381be2d-4deb-44a8-b3af-fabaa8abb167
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:03 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=d381be2d-4deb-44a8-b3af-fabaa8abb167
date
Mon, 12 Apr 2021 14:46:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
merge
ce.lijit.com/ Frame 0EE5
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=685078084
  • https://sync.1rx.io/usersync/tradedesk/745b2dd7-cd87-48f1-9bdc-a9322ad5a237
  • https://sync.targeting.unrulymedia.com/csync/RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003
  • https://ce.lijit.com/merge?pid=56&3pid=RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003
  • https://ce.lijit.com/merge?pid=56&3pid=RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003&dnr=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:06 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:06 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=56&3pid=RX-d9009e1c-987b-4720-ab2e-7af5df831f4b-003&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0EE5
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NjE0ZTAwYmE3NzA2NDFjOTlkMDcxZGNi
170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NjE0ZTAwYmE3NzA2NDFjOTlkMDcxZGNi
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Apr 2021 14:46:03 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NjE0ZTAwYmE3NzA2NDFjOTlkMDcxZGNi
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
tum
ums.acuityplatform.com/ Frame 0EE5 		0
0
merge
ce.lijit.com/ Frame 0EE5
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=KNEPKTR4-18-B1EO&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=KNEPKTR4-18-B1EO&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:04 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=83&3pid=KNEPKTR4-18-B1EO&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
get
am.freshrelevance.com/ 		1 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am.freshrelevance.com/get?data=%7B%22type%22%3A%22heartbeat%22%2C%22data%22%3A%7B%22c%22%3A%22gisv7pksfk%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22w%22%3A%22i99g3gee%22%7D%7D
Requested by
Host: dkpklk99llpj0.cloudfront.net
URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.87.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 12 Apr 2021 14:46:06 GMT
content-type
text/plain; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 552C 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
4e33876a23763376cf35ac852e3d6891cfb324e7bbaf94a630ee812e7adc742d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"840 / 624 of 1000 / last-modified: 1618225763"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20455
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:46:03 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8931 		158 B
1006 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3c4d267be6e80fd47142978fae8b63689a64d6a3a98e525d2a1d33c7110a9b96
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:03 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.49:80
AN-X-Request-Uuid
df616757-7630-4925-bee1-e5171c91349a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetandd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
158
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8931 		158 B
1006 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f9a54989fd3da23df2390e4f335d0eb3ffe1f9e033079790594d0cba8678748e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:03 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.42:80
AN-X-Request-Uuid
66b80228-d746-4c3a-a315-8316132ab0df
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetandd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
158
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8931 		158 B
1007 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3ff3732ade7dd61f2c07e2ecb4799ede4247bcce80e1bb0186bcb857ae519592
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:03 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid
a7185e07-89aa-45d1-891d-4565ff1b4ec9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetandd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
158
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
exchange
ssc.33across.com/api/ 		88 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/exchange
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
9c4b333e0f6a65a63bd8a59742929fc50f76fb6d5fa63f7326d0cb33331cf2bd

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Apr 2021 14:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetandd.com
access-control-allow-credentials
true
pubads_impl_2021040803.js
securepubads.g.doubleclick.net/gpt/ Frame 552C 		294 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060769
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
a6715a1b3fd94615665a68bb9058e4ab11d027c6772f3624c44b20b155041897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 18:45:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105914
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:46:03 GMT
integrator.js
adservice.google.ch/adsid/ Frame 552C 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=thetandd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 552C 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thetandd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 552C 		436 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3293219476228728&correlator=1855450142634359&output=ldjh&impl=fif&eid=31060550%2C31060769%2C31060506%2C44739387&vrg=2021040803&ptt=17&sc=1&sfv=1-0-38&ecs=20210412&iu_parts=32867010%2CA_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=c%3D10%26r%3D110%26d%3Dlee728.net%26g%3Da9JORiXIKr5BlZrkHcnnVW%26gd%3Da9JORiXIKr5BlZrkHcnnVW%253Adesktop%26cc%3D154%26pf%3D50%26ivt%3D24%26iva%3D82%26ivb%3D71%26ivc%3D63%26ivd%3D26%26ive%3D4%26ivp%3D95%26osr%3D98%26pre%3Dapnx%253A0%2Cttx%253A0%26pre_sz%3Dapnx%253A0x0%2Cttx%253A0x0%26tier%3Dapnx%253A0%2Cttx%253A0%26hb%3D0&cookie_enabled=1&cdm=thetandd.com&bc=31&abxe=1&lmt=1618238763&dt=1618238763580&dlt=1618238763125&idt=167&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=1598&adys=62&adks=657788913&ucis=tlxf76h0yjoj&ifi=1&ifk=2144106570&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fthetandd.com%2F&top=https%3A%2F%2Fthetandd.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=284x134&msz=284x90&ga_vid=1231912092.1618238764&ga_sid=1618238764&ga_hid=2076087055&ga_fc=false&fws=256&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060769
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
950615e6230791e84272d63876c754affc99ce0e42ca387c987782f4bef7a4aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
226
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
30149192a4eb4e9c9b87767b440a2d56.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 552C 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://30149192a4eb4e9c9b87767b440a2d56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 552C 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 600B 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOx96Fw3QynQW_MjsFW2TThcJy6x5u-_tF3V-cQ-3DylZ-B3pw0M2JgLZn_vb2s1QGMO2NhwCMhSqWD4_y5YvhUinbCorYQHYn5_FoIifBCalPrZdFbj9X6yU&sai=AMfl-YTfJ9OLDBNqaiI0Nokg0cvWWf6eYjSiZPD2FjcuTqI9kM24kCyfsXeL0Bm5hH5eP8susKsyaJOGYvFOQePvjlztEr1JUga1t9jll9hnfW4OkSJqXStjuxy60fka&sig=Cg0ArKJSzFI2Zjb0HY6OEAE&cid=CAASFeRozipFjqKhFkXwR-DXLYfyVDhahg&id=ampim&o=1180,306&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=458&tls=1459&g=100&h=100&tt=1459&r=v&avms=ampa&adk=3450214113
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B5D0 		42 B
501 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEADIzcTrewMch0mZmyLjjOdO4vz5oW34HCh8JUHpQoq6aL4qVf_AXXdar_UOSFiaYkEkI05XHbnRGLXC8_FfLCKu0MBm11H03TdxDY8o&sig=Cg0ArKJSzNMa_tJpaIBzEAE&id=osdim&mcvt=1006&p=0,800,1,801&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210409&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=524549479&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1618238760411&dlt=0&rpt=967&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5357
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KNEPKTJT-1M-2WQ&ex=d-rubiconproject.com&status=ok
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KNEPKTJT-1M-2WQ&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:04 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KNEPKTJT-1M-2WQ&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 552C 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040803&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060769
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7b7f30369f2913163e0bf7968ee1540ccdd86fad6e76cf79ac3072dcff3f391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6502
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame 5357
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPdLbRhHyeT2c_Fa24La5ec&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPdLbRhHyeT2c_Fa24La5ec&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPdLbRhHyeT2c_Fa24La5ec&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 5357
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KNEPKTJT-1M-2WQ&sigv=1&esig=2~17ee9ee7990a8e47c1b4ef6968dd1356275a15ea
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KNEPKTJT-1M-2WQ&sigv=1&esig=2~17ee9ee7990a8e47c1b4ef6968dd1356275a15ea
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:04 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KNEPKTJT-1M-2WQ&sigv=1&esig=2~17ee9ee7990a8e47c1b4ef6968dd1356275a15ea
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5357
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=73346074-5d2a-4d00-87b6-ed527a72b28d
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=73346074-5d2a-4d00-87b6-ed527a72b28d
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

Date
Mon, 12 Apr 2021 14:45:58 GMT
Server
MT3 3660 495c301 master zrh-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=73346074-5d2a-4d00-87b6-ed527a72b28d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Apr 2021 14:45:57 GMT
709414.gif
id.rlcdn.com/ Frame 5357 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:04 GMT
via
1.1 google
alt-svc
clear
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 5357 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.90.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5357
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05FUEtUSlQtMU0tMldR
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05FUEtUSlQtMU0tMldR
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05FUEtUSlQtMU0tMldR
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5357
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTY4MGExY2MwYmEzMTVkYTVjMjc3MTAxOThlMGViOWI5N2VkMDk3Ng
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTY4MGExY2MwYmEzMTVkYTVjMjc3MTAxOThlMGViOWI5N2VkMDk3Ng
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTY4MGExY2MwYmEzMTVkYTVjMjc3MTAxOThlMGViOWI5N2VkMDk3Ng
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5357
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZCjKLsoF27Uc3_2HkYhinw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3634830960069199981
42 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3634830960069199981
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Mon, 12 Apr 2021 14:46:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3634830960069199981
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 552C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060769
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:46:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame A534 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thetandd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://thetandd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 12 Apr 2021 14:30:53 GMT
expires
Tue, 12 Apr 2022 14:30:53 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
911
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame A534 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 10:45:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
187250
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5693
x-xss-protection
0
expires
Sun, 10 Apr 2022 10:45:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 552C 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040803&jk=3293219476228728&bg=!ICOlI2fNAAY56aLOOek7ACkAdvg8WuefrRkPSGZMFeGGsoX-5PF_AxI5p8j0Pi6F9Y9yR_FY_D8MuwIAAAD0UgAAAAtoAQcKAbH4CHjgwzkjwW-Ofi6GXQTyMCEjlSKokoNn5YyMr9jIuCUcePFyYDL3orq6f_yLTcxvDdDfLvZFCz5jL5zyRucutQhOgb0o6UieeymubEKF9IHPN2amAOq7T0u00dxB7wXCPwvXgbHo1riKwqBAlgasQJb8Z51bpd63RrLhFPSqMSFaH5YbvGjMXJuRDYkKMxmsKNdxzYKHafzAa3gRgR2uA_iNqK3c_GFwNxG3SBWUeBrYvW590fm0MwO4ClmSG4WrdWb2tFNP0z_Tsomfn7k4rhfG2x2eK_qmC6EaFZhteskhNbWHu81QKmYX5N8TWxJCicrnTcdOMQcf14gH7B0HKq6S1CCVebxTQ8a0_hNoKfO3pPbQWZ7miJN4fgTK3zSYi1y5faHWighiWWjIUdM_KygxYUjzyArdiaPevqQhPXFAk12NAFyAGPB0ls8LRNxJr3RJzNnbKqANCzKjpIVX2WDclDAFsXCnujzcjIip9GpbEiEvp9zifaPcLlyyJKHzpMqoLRo399KhHSKYjM6XwcWFsmgBUD3lHJsR6wmtsBvoe3bjKNhTBEY3Z6SgElrimQHlZ1iGWMk6Nj994pQSqujRXf5aRsrg-IgpbGk4SXIWgwQVzROV7EQsk1FYCcn7_QYyB4xZibkuh2EQ1Ofyd2ChbHLpwjIKkSf_Ar8dsvG7fO6wRmwGYC1KIKj-_8xhO141ihMVtU6f5fM4nlokdPamC44rqJ4UXNKgcStMW1FHZqObpXqPPOOqnoi1UOyol30Goer5d2qPcyzuSajiSOGcdGdbZ_JLUZjfMRTJxkytGA-rGZJEVbzJJ6j5QY6ha1WcnIzVxcgDw64NuAGpPAsQQ2jG9RmxKUQiVX8WW-xub8hs4ZiHfBBcE36CdQ2emCJ82VaKlQLUUH5cOYycubrkZH7m9wtV9x2iC6anzbHB-bFIKSNGjNNmzLHhN2xtucMhnrGAiZKXTLgG5UFocOeTMHj_PhjbBW55DNHU5Vr-mWQ2YAOxzcaqDFM3wBe6EwErc0pBHdnmPKdzdQFY89HqgJPbjTe1tThvVJfvUWz1JJ-utgUmz-JJ9olLQzj0NUH3vAzxP7ZrPzlVhR-eBsNW52Xwmpiv64wiov0mLwIjgANI_IjO9_ODgGhM23UldAteTAOeFTsijxTH0MgztThbxOdzTp-pqxkkTjSQL4VvdA0UL0NpkII7HRZqxsv3Vyx1FZ9TbgQ
Requested by
Host: thetandd.com
URL: https://thetandd.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xhr_streaming
sic.33across.com/session/969/ewqjs5v5/ Frame B5D0 		2 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://sic.33across.com/session/969/ewqjs5v5/xhr_streaming?JSESSIONID=4l27p4fm-7dw4d5gi-7tdxiuvn-gjl3yzy1
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-110.static.steadfastdns.net
Software
/ Love
Resource Hash

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:09 GMT
content-encoding
gzip
status
200 OK
x-powered-by
Love
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://thetandd.com
cache-control
no-store, no-cache, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
true
xhr_send
sic.33across.com/session/969/ewqjs5v5/ Frame B5D0 		26 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sic.33across.com/session/969/ewqjs5v5/xhr_send?JSESSIONID=4l27p4fm-7dw4d5gi-7tdxiuvn-gjl3yzy1
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-110.static.steadfastdns.net
Software
/ Love
Resource Hash
8167b2733f3a07102af4703fae803490251157ab68faefed3644861a38d49ea3

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 12 Apr 2021 14:46:09 GMT
content-encoding
gzip
status
404 Not Found
x-powered-by
Love
vary
Accept-Encoding, Origin
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thetandd.com
cache-control
no-store, no-cache, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
true
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20Sit... Frame FEB3
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20...
  • https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Tot...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times%20and%20democrat%22%7D/rt=ifr
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.234.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b4d311859faccfcca39a56ee6cf8e7062544a007f40799dfe95020e0cc8a7673

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times%20and%20democrat%22%7D/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thetandd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://thetandd.com/

Response headers

date
Mon, 12 Apr 2021 14:46:10 GMT
content-type
text/html;charset=UTF-8
content-length
1479
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.18.124
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 07-Jan-2022 14:01:00 GMT;SameSite=None;Secure _cc_id=ca77dada54ae392017bd0fd0551fa31c;Path=/;Domain=crwdcntrl.net;Expires=Fri, 07-Jan-2022 14:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQSE40N09JTEk0NUlMNbY0MjA0T0oxSEsxMDU1TEs0NkxmAIKEklgjBjjgX7JnDzfjO1OG%2F4yMDNd7DsHZ55cgxP8%2BeCsAZ3%2B2hDE%2FnjilAWOfPakOY547eogZxt697zJc55z1T%2BEmHl48hwXGvnTqERuM%2FW4JQvxDw32ErRunwMUBthVNRA%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 07-Jan-2022 14:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGBIKIk1YoABFgbGdbNADGaNXSCKcYM4mFo3H0gCAHlnBaw%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 07-Jan-2022 14:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*

Redirect headers

date
Mon, 12 Apr 2021 14:46:10 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times%20and%20democrat%22%7D/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.26.238
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040802&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53887e4a4b075f34d1422d365e8f0bbdbfe9fb8b23c14264ea20f656554b276c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6707
x-xss-protection
0
5f52ceafe6c9a.image.jpg
bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/9/b3/9b3f9850-c5bc-5730-81ca-c7833a87776a/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetandd.com/content/tncms/assets/v3/editorial/9/b3/9b3f9850-c5bc-5730-81ca-c7833a87776a/5f52ceafe6c9a.image.jpg?crop=1839%2C1034%2C0%2C42&resize=200%2C113&order=crop%2Cresize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58443717e31d5c73104c181efddd0fb968d3c098d0c2fb3cb3706c9cb1d6878c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:10 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Sep 2020 23:33:04 GMT
strict-transport-security
max-age=604800
content-length
5339
cf-request-id
09682525e800002325ce0d7000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"6e89b5567195dd4d6081efbf8d5f9c2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 12 Apr 2022 04:05:45 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63ed3e1ca9fc2325-ZRH
cf-bgj
h2pri
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:46:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 754F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thetandd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://thetandd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 12 Apr 2021 14:30:53 GMT
expires
Tue, 12 Apr 2022 14:30:53 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
917
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame 754F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 10:45:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
187256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5693
x-xss-protection
0
expires
Sun, 10 Apr 2022 10:45:14 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.122&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=3&tvcfg=lee&f_privb=0&tid=ece6e0d6-fd6a-4428-8bc6-0f6e7b3fa075&pid=b194e929-2abc-466e-b091-573ce5b63df7&dtm=1618238770718&qnm=_matherq&visible=1&tabid=3c8ce1b4-afe2-4631-9030-5991c12e1dfd&url=https%3A%2F%2Fthetandd.com%2F&vp=1600x1200&ds=1600x5560&tofa=1618238771&vid=1&lvidt=1618238771&duid=a17a8a46b4a42a7d&fp=1072425006&cid=ma1527&mrk=725149337&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxODIzODc1ODA0OSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyMC41bWIiLCJoZWFwVCI6IjI3LjZtYiIsImZzdFBhaW50IjoiMTMwNyIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiIyIiwiY29ublMiOiIyIiwiY29ubkUiOiIyNTQiLCJzc2xTIjoiMjAiLCJyZXF1UyI6IjI1NCIsInJlc3BTIjoiNDg2IiwicmVzcEUiOiI2MDAiLCJkb21Mb2FkIjoiNDg5IiwiZG9tSW50ZXIiOiIyMDU4IiwiZG9tTG9hZFMiOiIyMDY1IiwiZG9tTG9hZEUiOiIyMDcxIiwiZG9tQ21wbHQiOiIxMjU4MSIsImxvYWRTIjoiMTI1ODEiLCJsb2FkRSI6IjEyNTkxIn19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-95-93.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 14:46:10 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040802&jk=2056919365171739&bg=!hoWlhcHNAAY56aLOOek7ACkAdvg8WpWSK9gNynhRJKIZ-xO64eu571J4uxkjcuwVRlxM2XQlkjbabwIAAAB1UgAAAAhoAQcKAVC_b19bqVzm1NgODGFHoZ7yD3wlYCpb4E1yPbALQkbFf-XXIO2hqLCkshtCaRGOtRcQcBlKkXw8fJMF2Vy_6WDeMwkoNTau1BL2OovQ5WoKs9S1jcPdSZ_84eQTNvcYfmzIQV8dbVcRwhl3jAB1yN_a7DjRpWYNVpw9YXpdV-LwRs8htDik00H3JVb4CV0L_kWsobv8ufhj1VyZ_ct4BIzRWvBDrV7xyy4hlkyi8Cj2FOI-ASp2l2t29fhqUzLHuXy30f58i_ev5p7asSIZlI1znEy9JmTQ6nrZelifOTuOyVgAA-BmV86mmzBuOGKken5on2zIVCkMGYrO89agUs2_GE6phkQhNfcGFmKvJVKht_tYM2rpEZaWzI0cFm-0XcOdnDZ-9SbcPJLT-KZcgMEYUhJ8sFlql1b9eUftzLDCW7cpgHwnCGf9g6UImo9sCkqZAeZOjKcnmW0qsXZWMuu1QyP0CicFhyhR_BaDYv3XvPInKJ_aimdlNeUatzqOH_8sAfzkUJyFGp7c7dlaECeY1dZznXbsoYiW4Zct45esBHSfyxXqoa10QI_AtzAOIvOaUQ22ew6sVn0Wm07mYM-FHADZmJaASF6bntYWb0JYhj3FYOPfZvdOMatmlZ7wOjI8xphOrPqkSuSmDzfePV-817uPfQlrxVjqfP9-WuSfiLry_Z3D7QurHsHBEWV7tUw8t_QWFekwIYYMxufvzic2w-pQqJJk9ommU7Waq8IGPqRV3uPQWedWj8xr2FoufOjATAwXY4RoNUw26f5BlvgKaXObKnNjwamd3VlEh9Rx3vCZRx7Yazz2SUvXWGO6R_o61soXrAfxWGw14t5vf2oooDOg0ymJGspKpOPvwgcI-VONthEO_8qq20DCs47Vzkw_kvk6Lj8XQZEpQQwOAKegxxEJA5wbM_2DY8edggZEGmsSHd67D8K0MbPKRqF0zPHiX0cYfvXW2afq503SaBxLAKQXNQDB5cxowDrMphp_ici24Pqb1SHXOgmZzH-D3aBAFtdqncG4Mf9h9m0tmxtjTN6PGopy_118tIzOKhGyRdoyiqQh6DZYHWgCVAN3ZobKMfv5yPa2d5s
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=f1308446-f116-4aad-a2c3-4ef65a6a431f
bcp.crwdcntrl.net/map/c=10620/tp=TRAD/ Frame FEB3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://bcp.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=f1308446-f116-4aad-a2c3-4ef65a6a431f
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=f1308446-f116-4aad-a2c3-4ef65a6a431f
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times%20and%20democrat%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.234.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:11 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.10.141
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://bcp.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=f1308446-f116-4aad-a2c3-4ef65a6a431f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
g.json
aa.agkn.com/adscores/ Frame FEB3 		103 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times%20and%20democrat%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.248.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-248-2.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:11 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
application/json
content-length
103
expires
0
tpid=98318f44-558c-447b-b8d8-a6f9d0aec0c2
sync.crwdcntrl.net/map/c=194/tp=OPNX/ Frame FEB3
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=
  • https://u.openx.net/w/1.0/cm?cc=1&id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=98318f44-558c-447b-b8d8-a6f9d0aec0c2
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=98318f44-558c-447b-b8d8-a6f9d0aec0c2
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times%20and%20democrat%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.234.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:11 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.178
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Mon, 12 Apr 2021 14:46:11 GMT
content-encoding
gzip
server
OXGW/16.205.2
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=98318f44-558c-447b-b8d8-a6f9d0aec0c2
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
insync
thrtle.com/ Frame FEB3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=ca77dada54ae392017bd0fd0551fa31c
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times%20and%20democrat%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.16.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame FEB3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2E3N2RhZGE1NGFlMzkyMDE3YmQwZmQwNTUxZmEzMWM
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2E3N2RhZGE1NGFlMzkyMDE3YmQwZmQwNTUxZmEzMWM&google_tc=
170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2E3N2RhZGE1NGFlMzkyMDE3YmQwZmQwNTUxZmEzMWM&google_tc=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times%20and%20democrat%22%7D/rt=ifr
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2E3N2RhZGE1NGFlMzkyMDE3YmQwZmQwNTUxZmEzMWM&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=ba3ed8a7-267b-4c02-8fb0-42112036e7d0-60745d33-4348
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame FEB3
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=ba3ed8a7-267b-4c02-8fb0-42112036e7d0-60745d33-4348
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=ba3ed8a7-267b-4c02-8fb0-42112036e7d0-60745d33-4348
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=600308271/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20thetandd%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times%20and%20democrat%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.234.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:11 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.10.58
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 14:46:10 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=ba3ed8a7-267b-4c02-8fb0-42112036e7d0-60745d33-4348
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8931 		19 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.146:80
AN-X-Request-Uuid
e6c4cc13-1c4d-4631-8076-5e4b5090c90f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetandd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8931 		19 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.242:80
AN-X-Request-Uuid
7e345cd5-f29e-459d-806e-a93cd4a3f4d1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetandd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8931 		19 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 14:46:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.251:80
AN-X-Request-Uuid
d24c5453-364a-4743-b330-8664d6dd72d4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetandd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
exchange
ssc.33across.com/api/ 		88 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/exchange
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
e2f34bb6fb0eae8744a88dd505553a0c712e69e332641ab04527831512f76042

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Apr 2021 14:46:19 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetandd.com
access-control-allow-credentials
true
integrator.js
adservice.google.ch/adsid/ Frame 552C 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=thetandd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 552C 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thetandd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 14:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 552C 		453 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3293219476228728&correlator=4247802737908072&output=ldjh&impl=fif&eid=31060550%2C31060769%2C31060506%2C44739387&vrg=2021040803&ptt=17&sc=1&sfv=1-0-38&ecs=20210412&iu_parts=32867010%2CA_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=16&rcs=1&prev_scp=rsh_sz%3D728x90%26c%3D10%26r%3D110%26d%3Dlee728.net%26g%3Da9JORiXIKr5BlZrkHcnnVW%26gd%3Da9JORiXIKr5BlZrkHcnnVW%253Adesktop%26cc%3D154%26pf%3D50%26ivt%3D24%26iva%3D82%26ivb%3D71%26ivc%3D63%26ivd%3D26%26ive%3D4%26ivp%3D95%26osr%3D98%26pre%3Dapnx%253Ae102%2Cttx%253A0%26pre_sz%3Dapnx%253A0x0%2Cttx%253A0x0%26tier%3Dapnx%253A0%2Cttx%253A0%26hb%3D0%26rsh%3D1&eri=1&cookie_enabled=1&cdm=thetandd.com&bc=31&abxe=1&lmt=1618238779&dt=1618238779138&dlt=1618238763125&idt=167&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=1598&adys=62&adks=657788913&ucis=5jmoiulb1hdu&ifi=2&ifk=2144106570&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fthetandd.com%2F&top=https%3A%2F%2Fthetandd.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=284x134&msz=284x90&ga_vid=1231912092.1618238764&ga_sid=1618238764&ga_hid=2076087055&ga_fc=false&fws=256&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
5aafa4cffeb07dfa9ca19173e3a7e4e1ceeda3fab8eb24a3074bc74d6feeff2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thetandd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thetandd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=614e00ba770641c99d071dcb&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| _cc6894 object| LOTCC boolean| LEE_DS function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| SelectorQueries object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| __d3lUW8vwsKlB__ function| lee_getSubServ boolean| lee_srvlist object| lee_isal object| googletag object| APS_dfp_ads object| apstag object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| TNStats_Tracker object| TNTracker function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| google_tag_manager function| jsonFeed object| _402 function| _402_Show object| googleToken object| googleIMState function| processGoogleTokenSync object| google_tag_data string| GoogleAnalyticsObject function| ga object| __otccpaooLocation object| default_ContributorServingLoaderClientJs object| googlefc function| __Y9uNstf385Zx__ object| __fcInternalApiManager object| Yjc2NWZkNWMwMDJiOGVjbG9hZGVyX2pz string| Yjc2NWZkNWMwMDJiOGVjY2FjaGVkX2pz string| __fcInvoked boolean| __fcInternalApiPostMessageReady object| webmonitoring object| paidtasksshim object| gaplugins object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| default_ContributorTargetingClientJs function| __906a641ff040__ undefined| falcon_sub_name undefined| lee_clus undefined| lee_ulli undefined| lee_ulld_iso8601 undefined| lee_glus undefined| lee_glusIE undefined| sub_last_login_iso8601 object| otStubData object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ object| gaGlobal object| gaData function| postscribe object| google_tag_manager_external function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter boolean| google_measure_js_timing function| evvntDiscoveryInit object| _snowplow_trackers object| GlobalSnowplowNamespace function| snowplow function| fbq function| _fbq object| _comscore object| DH997a function| DH997b object| xop undefined| bHasSyncCookie function| messagingCallback function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| firebase object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| Optanon object| OneTrust boolean| $sNavScroll object| card_carousel_1780542 object| Snowplow object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| udm_ object| ns_p object| COMSCORE object| ppHqka function| ppHqkb object| xblacklist object| Xxa11a function| Xxa11b function| xblocker object| $FR_LAB object| _mather object| _matherq object| tid object| LI object| __li__evt_bus object| google_optimize function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| liQ boolean| 896bd36a-e529-481a-9d65-3ebbef6488cb number| google_srt object| google_ad_modifications object| google_logging_queue object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| _33Across function| $TM_VR object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| $TM_CC object| $TB function| nrlskOnEvent object| _tynt_jp number| hc number| _tynt_gpt_iframe_id object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: PugT
Value: 1618238770
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-9b1a8722-a16b-41db-b6f2-bfcdcc68cb56
.pubmatic.com/ Name: SPugT
Value: 1618238769

16 Console Messages

Source Level URL
Text
console-api log URL: https://bloximages.chicago2.vip.townnews.com/thetandd.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js(Line 1)
Message:
Google Survey: script loaded
console-api warning URL: https://thetandd.com/shared-content/art/tncms/tracking.js(Line 1)
Message:
Removing tncms tracking: business/block/7ccb6249-e201-535e-8159-d88fbe19f9bb
console-api warning URL: https://thetandd.com/shared-content/art/tncms/tracking.js(Line 1)
Message:
Removing tncms tracking: business/block/7480d5d9-3082-53b8-b808-4952a1b157b0
console-api warning URL: https://thetandd.com/shared-content/art/tncms/tracking.js(Line 1)
Message:
Removing tncms tracking: business/block/a10eb3a0-9c04-5aba-8fbc-03b39eb12fe2
console-api warning URL: https://thetandd.com/shared-content/art/tncms/tracking.js(Line 1)
Message:
Removing tncms tracking: classifieds/featured/e5098a4a-064f-11ea-90a7-1ba89e80c47c
console-api warning URL: https://thetandd.com/shared-content/art/tncms/tracking.js(Line 1)
Message:
Removing tncms tracking: classifieds/featured/8fe5ceb6-064f-11ea-a867-073e5f82316a
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://thetandd.com/
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://thetandd.com/
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api info URL: https://acdn.adnxs.com/ast/ast.js(Line 1)
Message:
AST library loaded: 0.36.0
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

30149192a4eb4e9c9b87767b440a2d56.safeframe.googlesyndication.com
a.leetemplates.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.creative-serving.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
adservice.google.de
am.freshrelevance.com
ampcid.google.com
ampcid.google.de
analytics.google.com
ap.lijit.com
aud.pubmatic.com
b-code.liadm.com
b1c97018161ab4c5273f19483f2ef1cd.safeframe.googlesyndication.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
c1.adform.net
cdn-sic.33across.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cm.smadex.com
connect.facebook.net
contributor.google.com
creativecdn.com
cs.emxdgt.com
d5p.de17a.com
d81mfvml8p5ml.cloudfront.net
de.tynt.com
dis.criteo.com
dkpklk99llpj0.cloudfront.net
dn1i8v75r669j.cloudfront.net
dsp.adfarm1.adition.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fundingchoicesmessages.google.com
geolocation.onetrust.com
googleads.g.doubleclick.net
green.erne.co
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js.matheranalytics.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
protesidenext.com
pubmatic-match.dotomi.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rtb.gumgum.com
sb.scorecardresearch.com
sc.tynt.com
secure.adnxs.com
securepubads.g.doubleclick.net
sic.33across.com
simage2.pubmatic.com
ssbsync.smartadserver.com
ssc.33across.com
stats.g.doubleclick.net
storage.googleapis.com
survey.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tagan.adlightning.com
tags.crwdcntrl.net
tg.socdm.com
thetandd.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
x.bidswitch.net
ums.acuityplatform.com
104.111.230.142
104.111.238.139
104.16.39.14
104.16.88.26
104.18.131.43
107.178.250.234
124.146.215.48
13.226.155.74
13.226.155.79
142.250.186.130
151.101.113.108
151.101.14.49
159.65.196.12
169.197.150.7
169.50.137.190
178.250.2.151
18.156.0.31
18.158.167.137
18.185.180.173
18.195.155.181
184.30.24.198
185.184.8.30
185.29.133.208
185.33.220.145
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.86.137.131
185.86.138.119
192.104.182.109
193.0.160.128
193.122.130.38
198.148.27.139
2001:678:cb4:bbbb::11
208.100.17.183
208.100.17.187
213.155.156.182
213.19.147.151
216.52.2.39
216.58.212.162
23.23.2.159
2600:1f18:730:b130:2c1a:486d:f5df:3ec7
2600:9000:2070:5400:7:5031:dc0:21
2600:9000:2182:4800:e:98bf:5f00:21
2600:9000:2182:5400:2:36a1:2f40:21
2606:4700:10::6814:b944
2606:4700:10::6816:1957
2606:4700::6810:9440
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:803::2011
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2010
2a00:1450:4001:80f::2001
2a00:1450:4001:810::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:400c:c1b::9b
2a02:26f0:7100::687e:243a
2a02:fa8:8806:13::1370
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.213.73.156
3.64.73.215
34.102.205.239
34.200.78.134
34.249.87.121
34.253.11.193
34.98.64.218
35.168.95.93
35.201.96.126
35.210.53.219
35.244.174.68
37.157.2.234
5.149.248.141
52.18.90.176
52.30.234.204
52.58.248.2
52.85.32.122
52.95.116.38
54.171.41.106
54.81.207.173
54.88.16.190
54.93.115.47
63.251.114.137
65.9.58.106
66.155.71.149
67.202.110.23
69.173.144.138
69.173.144.139
70.42.32.159
77.243.60.138
85.114.159.93
87.98.252.5
01d21f3da0ac7ca1f1bd53bbf18b0a0eb36937eb79c30d7fe73ef6a7d02d4843
0230e8c67f568c29bfa2d9756f6e9f79ca6a375d99cbeb54bf09c35fb9e525c4
0381d5fc285c2750f0de064e454da03e26e0cbb5595423394f7eaab2b916bb68
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0785141e6461918363176bb595c118997a66d51af8338db5999308cd593cfebd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
147afdb9e2f4d21b2e7914ba0a21bf2bbdf2f47f7c8fd7863f5ee7dfa8f6c1da
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293
1b35f828bed609bd50d0004f302ae90810fcfdff55f4a1a50f7d801f590f2358
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
1de0329efc2318d33d0465562faa725975a514327d7c5e01b23e45d9501cb494
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1ffb3eb67476de4a642893eefb2ffd33e62c7474808fc21438d5a961cd4982f6
2163eccef5ac46fef5b4b64dc8718a96f89de083639cb4b32750a68db4c823a1
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27a5a0ed933f708443dfdec766c5ddb48f95aade9bbddc2cd852a680f67f691e
2a9919dba758e9c6b34949c20ea05be4ec312381d469584837a21f244e1b536c
2be4ac78025c9781358f6d7c2a76d222ca47500f1fb61b63760dee4a9289901d
2c4c258f6e24e9861dd7cc3ae5d823e0c09a243f9e671cabbfed9b2be2825085
2c77519cfdb3f918d4e3b9f39bd2f296779e6269476bfe2be98d3eaa6cc8b183
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9
2e409af4e2cd960258ebce74a7af470632e2fa44a18cbc2e49da7f098a3c572c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
2ff8ca8636f3de503c17f5d8fb6e10b4233034f144505f8faba8b105585127ff
31df40fb5c434b6b1800863907d810445058480440381cb09dc0689abb96071b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
372942d78c26534b977fdcd8ab0969e899bd5b12482acb12f6062547bbed6afe
3747e8bc748af689d64eb87ca37cb85a7586fed5250b27628efcb4827a69f2f5
3991138664f8a2717cd6fd5d4394c3cdeff54b01e001b9c128d67511e8a1900b
3c4d267be6e80fd47142978fae8b63689a64d6a3a98e525d2a1d33c7110a9b96
3c9a2d086d47148ae23b40fb16fa13a5bd578e40aa7ee5acabd1ad9d3c958ecf
3e101363edc366bfe0de28664c8e9323a340a49d8c3669d91ca59575edf1c5fa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f3d967417d777c22af51304d6f11a652da4c3fe1aa553ba65baf8b67ac25256
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff3732ade7dd61f2c07e2ecb4799ede4247bcce80e1bb0186bcb857ae519592
441c6f5720c9103286378a33b798aaf01838ce5317eadaec152094b12cfa51ed
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4919a87e9b6050a2c1eaafd7bd612072a9f8b288198ff334aa61f763c3701c0d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b97e69aa228bfca2be1f362b1e84f6b8ed77110e4c4efb55fac0bd016dbe93c
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c
4d3e2297ba547a0ed111d7fb3ec14f189d47d3f565c68a089b6492357d811da5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e33876a23763376cf35ac852e3d6891cfb324e7bbaf94a630ee812e7adc742d
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
53887e4a4b075f34d1422d365e8f0bbdbfe9fb8b23c14264ea20f656554b276c
560357e94ad4e3f3e2199cdecaaf8d339f35d97ec03de8b875eef2bbd80b43fb
58443717e31d5c73104c181efddd0fb968d3c098d0c2fb3cb3706c9cb1d6878c
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
5a6dea5e3d53872f9fe9baa7abce6201bb481bb055699b7d4e577ef83ea88161
5aafa4cffeb07dfa9ca19173e3a7e4e1ceeda3fab8eb24a3074bc74d6feeff2c
5ecb47e55d1460c551961488549770f5e16a87cedc8088ff8bf7ce686661c388
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
614abd80fb95da33431e2745c37c75afc24fbd9cda048d740e2fa068fa3096f6
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb4ce8dea8b26080f3627d5b398b131b8f59a280ec18f07e959b9c7583e061a
6e0dd40ee342f512ec15453f6336b43a09a6bfe75728bf2710949dd0da7fc58e
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696
6fe3ea33594cafb36ababf1bdf47d0e17cf6368d60f4812de566752d61919020
708babb5fba011bfc960e0c086736b4c3deb8a4c5fa4ca88a18dd4585171193f
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
788449db842dd054d4f5b280e49f5cff9a794e1a271c16dec4a35f2a6ab79b11
7a0eaf21fe4084cc7105e771f57731abe41a4d647a4879dea141885fcc3096b2
7d6bc5ccc0d04e6ccfbecd2bd5775b3604995e5196b4e08c179d0885e7e94925
7d78c5129bfc297d770232083790b2badd5b043f88a8cc1df0fe08951c050841
7f7ab449546fa27ef6f8c99baa13a8946cacda3c0130db05015ccd5176e4ce71
7fa2af707030ba4bef85e450f06c59dcb386e5091cd04aa6e06b56e8bd1cceb3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8167b2733f3a07102af4703fae803490251157ab68faefed3644861a38d49ea3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833b26c34d305011a00b49abb4dcae648a84beae817cc24b0e53e904bb6726b0
8395ed637e3472787ed6661f11ad576d67676410e7fcc7cd92093ee650406ce8
8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853ea24310a0824d444a1a06158febf5527c5542b0853d78bd3f396b2b8ec764
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
91e513f8aebd9362d283abe1b3b375e5f1cb6dbb95747bcb00f2ea4c179c49de
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94afb4609cd5d95128057b67ee0ef36f867bacc074b6e116d874ed8b0852b73f
950615e6230791e84272d63876c754affc99ce0e42ca387c987782f4bef7a4aa
979d15ae538003193bb2c06d9ac3d9d5ed77760ceccd668d4523eb5a62a89e0f
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b0ae23912164907794863c08ca63f1cbcb091dbf396062e34ac11a883fdf7b1
9bebee8ef2df3352f845aa1d99046f71c4859eb991d3244c9f609b9294051377
9c4b333e0f6a65a63bd8a59742929fc50f76fb6d5fa63f7326d0cb33331cf2bd
9e3b9ecf3258afd899081e6cf645e09ae51a031aeac11a0d0f59ea3b5ff8595b
9f87de0babb3f2d86e6e0f6aed72720f81a9ad57cc156cfd14e076fcb7df3f2f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a45e919dbddfcebb90632a86e640e4e9f6abc4c5c4bcb52fee3eea499d59d957
a4974b8aad56c0ccd033a6c99fa174c69a0e90d82101cd4141227ad98cd25e56
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5986af015b65afced1df1e2b5920c55790f2da55a963154befd162a13f981cf
a5f288838a9ad31e006954f556180652f85c00f6df72143326d785e568548307
a6715a1b3fd94615665a68bb9058e4ab11d027c6772f3624c44b20b155041897
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a788e771899c0a361f0036a49158d6e1ae49b19b8a39d76e7b24ac3cd163a2e3
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae782b53efa1b7d46d0e4563053479064f75accccc10bf1df20955a79b5686fb
afa2402b39934294e891a49978c1227cca1667c7e4431866077b0db5707c29a5
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b216e7e1a620a48666a253b955521ab77ad64e97291ea2986f0d92ded0c557b2
b4d311859faccfcca39a56ee6cf8e7062544a007f40799dfe95020e0cc8a7673
b53c8109bb7f8fde64b1c126f00b93a77cb65339ef010b466b7ce075e8554afb
bac46d428fe089083f15b0e7a98740ab908530a0eadc8605d284c6f8c59b968c
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bc542b1a6b82e2ec539fae662e4d5cad3bd8db4f0a2f1d7a28477da16b6c3973
bfb7c1c05ebbab46a26ee41585114b47acb2b9268217bb556c800ac9c10d67fc
c09a7c9c1fd039e9fa1d8e0f5055a93da6c7cfac52d90f7bd29753bcd1a08308
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5acf48cd6d4ec14aafd405e5779e1c7b4427f22f32627b6991132040fe85ddd
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c730ba2c0a85e4b6b57fd4d294397cdc5d5f3df162dc7cc07a1aed32b6a817a9
c79456b94ef17205d2e7ce09158c3c97e909feb47209e69b0590d7951759849c
c7b7f30369f2913163e0bf7968ee1540ccdd86fad6e76cf79ac3072dcff3f391
c7c4e85fab99165f7d8a912f21ae8d691b6a96049780d96e174e6394e09384ca
c7dcff030428604b923eb339d30145440d9f25ec9444f1e03f7fcc5d4c1aae84
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca683475c6796632b98cd16969e64a3fe8720559809386da316ec2f053c6c397
cada4c310ba69f80769bdeb2e3422dae0667f2fbd174e359357ec3539dc60027
cc052506da8c4b92deff53733b1d7e388a0332dab4ed083c9b1543356dceb623
ce9c9b8e409d4ca4361ed30002bd88d4cd020a5ff321ddc25d8587436b89302a
ceb064fe37f9622441fdeafeb3e5834c5e92695293edd14b661fc36b4f8046be
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1443b0add223e48ea905e4ac594b20165ab5f241ec66e5fce39b77730b201cd
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d3b972009072e66017f4e26bd865460d9d66fd602b7ed498d4e79f0e7db7f295
d417a464f03112c30306839738c93d236cdb95648278516c8ba6873be7dafb86
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d92c8a0b4ceb376dbf74b59d3bd82c3dfeced00dcf23f4d2e509af7967b772f2
da46bc766028c67f94e34c39ecf0c36513fd5ffffe1e126ce09908ebcd671eb6
dc85a850ca2834c97ff32f71e3ee40ac6e695fe0d89d0d4498072b43c7465f84
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e2f34bb6fb0eae8744a88dd505553a0c712e69e332641ab04527831512f76042
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b71c8eb784f14ca78c3f0e5d765f056b81d93bcef2a8716de1dcf0eb806837
e4fb1fff0bf5717dd8bcd06d6fc1ac2874c96a19cd518dcae0fadd6c9730dac6
ea1b053f26c2b20af52a473166842f8e94697789a892edbd388079528ede5a5b
ea25147c5bdc915403097392e9893415aae698a49a482be1c07932270f5385bb
ee6a4c745a807181e71f1c3316e2aceac00e2c1921e22f29be900bd680291f82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2310d57fb0b5d975ad4979ac418f3df99306637f41fb9e345fad68673932ec
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
ef695bc65d0af62aaa445e6190c1adb80d8caaa48d910fabc546074a27186fbd
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f6a51eb39d187a4dcd4e2fdfb607418cb4c1bc5c1d6bd438d011d7444dd4531c
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f95fe1c0376aa720a01267e70fb42a259d610fa9fa66f78e7fc629f9bd835c43
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
f9a54989fd3da23df2390e4f335d0eb3ffe1f9e033079790594d0cba8678748e
fb3e3a7c7a185a0784f0e831948e3ee4f62643c684398e1606c1b4e805c6d69a
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f
ffa8814637fab7a454e06a6403a650615c04044d4f881b04ffdfcdc1395d98da