urlscan.io logo urlscan.io
SecurityTrails logo

www.oregonlive.com Open in urlscan Pro
42.99.140.176  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Submission: On August 18 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 141 IPs in 13 countries across 113 domains to perform 538 HTTP transactions. The main IP is 42.99.140.176, located in Japan and belongs to ASN-TELSTRA-GLOBAL Telstra Global, HK. The main domain is www.oregonlive.com. The Cisco Umbrella rank of the primary domain is 74996.
TLS certificate: Issued by R3 on July 20th 2023. Valid for: 3 months.
This is the only time www.oregonlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 42.99.140.176 4637 (ASN-TELST...)
12 104.18.170.114 13335 (CLOUDFLAR...)
2 34.160.169.226 396982 (GOOGLE-CL...)
1 13.224.249.34 16509 (AMAZON-02)
1 18.155.68.125 16509 (AMAZON-02)
1 104.89.118.131 16625 (AKAMAI-AS)
2 74.125.68.97 15169 (GOOGLE)
2 104.18.29.38 13335 (CLOUDFLAR...)
3 13 74.125.130.155 15169 (GOOGLE)
2 23.76.212.194 16625 (AKAMAI-AS)
3 13.227.249.127 16509 (AMAZON-02)
5 13.224.249.98 16509 (AMAZON-02)
42 151.101.65.44 54113 (FASTLY)
3 142.250.4.84 15169 (GOOGLE)
1 18.155.68.32 16509 (AMAZON-02)
4 35.71.130.31 16509 (AMAZON-02)
2 184.51.137.72 16625 (AKAMAI-AS)
19 52.84.251.112 16509 (AMAZON-02)
1 151.139.128.10 20446 (STACKPATH...)
1 52.84.251.128 16509 (AMAZON-02)
17 184.51.241.170 16625 (AKAMAI-AS)
7 74.125.68.139 15169 (GOOGLE)
6 104.17.182.177 13335 (CLOUDFLAR...)
6 74.125.200.101 15169 (GOOGLE)
1 13.35.18.49 16509 (AMAZON-02)
1 184.51.241.81 16625 (AKAMAI-AS)
1 3 13.227.254.75 16509 (AMAZON-02)
1 151.101.65.140 54113 (FASTLY)
4 157.240.235.1 32934 (FACEBOOK)
1 4 52.84.251.52 16509 (AMAZON-02)
1 151.101.108.157 54113 (FASTLY)
1 42.99.140.192 4637 (ASN-TELST...)
1 52.84.251.74 16509 (AMAZON-02)
1 18.155.68.88 16509 (AMAZON-02)
1 18.155.66.79 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
4 54.169.66.86 16509 (AMAZON-02)
4 52.74.67.35 16509 (AMAZON-02)
1 184.51.136.140 16625 (AKAMAI-AS)
2 182.161.73.136 55569 (CRITEO-AS...)
1 23.76.223.160 16625 (AKAMAI-AS)
2 104.18.25.112 13335 (CLOUDFLAR...)
1 104.22.53.86 13335 (CLOUDFLAR...)
2 54.88.250.216 14618 (AMAZON-AES)
1 52.84.251.129 16509 (AMAZON-02)
3 35.201.67.47 396982 (GOOGLE-CL...)
2 35.190.91.160 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
5 13.33.96.216 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 13.33.92.130 16509 (AMAZON-02)
2 64.233.170.132 15169 (GOOGLE)
2 6 67.199.150.81 62713 (AS-PUBMATIC)
1 4 54.149.208.24 16509 (AMAZON-02)
1 34.111.234.236 396982 (GOOGLE-CL...)
2 6 35.190.60.146 15169 (GOOGLE)
1 2 104.69.166.9 16625 (AKAMAI-AS)
1 2 3.222.18.142 14618 (AMAZON-AES)
1 13.227.255.71 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 104.18.24.185 13335 (CLOUDFLAR...)
1 207.65.33.78 62713 (AS-PUBMATIC)
1 2 54.87.117.119 14618 (AMAZON-AES)
1 142.251.12.102 15169 (GOOGLE)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.195 13414 (TWITTER)
2 151.101.193.140 54113 (FASTLY)
2 10 52.46.130.91 16509 (AMAZON-02)
2 99.83.154.140 16509 (AMAZON-02)
7 74.125.68.94 15169 (GOOGLE)
1 52.84.251.44 16509 (AMAZON-02)
3 5 13.107.42.14 8068 (MICROSOFT...)
18 141.226.124.48 200478 (TABOOLA-AS)
2 2 124.146.215.50 2514 (INFOSPHER...)
2 17 141.226.229.48 200478 (TABOOLA-AS)
1 35.158.65.41 16509 (AMAZON-02)
1 2 23.106.127.39 59253 (LEASEWEB-...)
8 11 69.173.158.64 26667 (RUBICONPR...)
5 6 13.250.69.77 16509 (AMAZON-02)
1 1 35.208.249.213 15169 (GOOGLE)
17 67.199.150.86 3257 (GTT-BACKB...)
9 13 74.125.130.154 15169 (GOOGLE)
15 15 3.33.220.150 16509 (AMAZON-02)
1 2 209.191.163.208 14744 (INTERNAP-...)
1 74.214.196.131 19189 (PULSEPOINT)
1 23.106.127.165 59253 (LEASEWEB-...)
4 4 182.161.73.146 55569 (CRITEO-AS...)
16 21 141.95.98.64 16276 (OVH)
7 7 103.43.90.54 29990 (ASN-APPNEX)
3 3 50.57.31.206 19994 (RACKSPACE)
4 5 119.9.108.191 45187 (RACKSPACE...)
9 11 185.84.60.20 198622 (ADFORM)
2 2 103.229.206.241 30419 (MEDIAMATH...)
4 5 34.111.113.62 396982 (GOOGLE-CL...)
8 8 35.213.12.39 15169 (GOOGLE)
1 1 146.0.227.110 20773 (GODADDY)
3 3 3.120.23.80 16509 (AMAZON-02)
1 7 34.98.64.218 396982 (GOOGLE-CL...)
1 2 52.223.2.229 16509 (AMAZON-02)
3 3 52.55.0.114 14618 (AMAZON-AES)
1 2 82.145.213.8 39832 (NO-OPERA)
2 2 98.98.134.243 21859 (ZEN-ECN)
1 172.217.194.102 15169 (GOOGLE)
7 52.71.184.108 14618 (AMAZON-AES)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 162.19.138.116 16276 (OVH)
1 34.206.250.88 14618 (AMAZON-AES)
2 44.215.116.28 14618 (AMAZON-AES)
1 23.76.217.151 16625 (AKAMAI-AS)
1 35.190.39.111 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
18 74.125.24.132 15169 (GOOGLE)
3 172.217.194.157 15169 (GOOGLE)
1 4 74.125.68.99 15169 (GOOGLE)
1 63.34.81.234 16509 (AMAZON-02)
9 157.240.235.35 32934 (FACEBOOK)
5 172.217.194.154 15169 (GOOGLE)
1 74.125.68.156 15169 (GOOGLE)
2 54.64.50.102 16509 (AMAZON-02)
16 142.250.4.139 15169 (GOOGLE)
3 184.51.240.213 16625 (AKAMAI-AS)
5 5 13.228.126.19 16509 (AMAZON-02)
2 2 13.33.88.32 16509 (AMAZON-02)
6 184.51.138.68 16625 (AKAMAI-AS)
1 13.227.254.80 16509 (AMAZON-02)
9 207.65.33.82 62713 (AS-PUBMATIC)
1 1 34.83.125.63 396982 (GOOGLE-CL...)
1 1 51.68.39.188 16276 (OVH)
6 6 89.207.22.105 41041 (VCLK-EU-SE)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 52.95.115.196 16509 (AMAZON-02)
1 52.84.251.94 16509 (AMAZON-02)
3 172.217.194.155 15169 (GOOGLE)
2 64.233.170.154 15169 (GOOGLE)
1 35.186.255.72 15169 (GOOGLE)
1 104.16.240.21 13335 (CLOUDFLAR...)
6 207.65.33.76 62713 (AS-PUBMATIC)
2 96.17.190.68 16625 (AKAMAI-AS)
2 5 42.99.140.177 4637 (ASN-TELST...)
1 52.1.99.83 14618 (AMAZON-AES)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 104.18.11.47 13335 (CLOUDFLAR...)
10 104.83.196.24 16625 (AKAMAI-AS)
2 104.17.183.177 13335 (CLOUDFLAR...)
2 10 139.5.84.243 27381 (CASALE-MEDIA)
14 151.101.66.133 54113 (FASTLY)
10 104.17.25.14 13335 (CLOUDFLAR...)
3 3 103.229.10.180 16509 (AMAZON-02)
2 2 18.138.18.111 16509 (AMAZON-02)
4 6 151.101.194.49 54113 (FASTLY)
2 2 35.186.154.107 15169 (GOOGLE)
2 2 107.178.254.65 396982 (GOOGLE-CL...)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
3 3 50.116.239.135 6336 (TURN-US-ASN)
1 1 35.244.159.8 15169 (GOOGLE)
1 13.33.88.64 16509 (AMAZON-02)
1 18.139.77.230 16509 (AMAZON-02)
1 1 35.214.148.104 15169 (GOOGLE)
3 23.36.48.24 16625 (AKAMAI-AS)
1 1 198.8.71.130 54312 (ROCKETFUEL)
4 4 74.118.186.107 6336 (TURN-US-ASN)
2 96.17.188.24 16625 (AKAMAI-AS)
2 2 52.76.217.203 16509 (AMAZON-02)
2 2 64.74.236.191 22075 (AS-OUTBRAIN)
1 34.199.73.116 14618 (AMAZON-AES)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
3 151.101.194.133 54113 (FASTLY)
1 2 35.186.193.173 15169 (GOOGLE)
1 220.150.223.50 4686 (BEKKOAME ...)
1 1 139.162.23.100 63949 (AKAMAI-LI...)
1 74.118.186.106 ()
538 141
25    42.99.140.176 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-176.pacnet.net
www.oregonlive.com
12    104.18.170.114 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    34.160.169.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.169.160.34.bc.googleusercontent.com
satisfycork.com
1    13.224.249.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-34.sin52.r.cloudfront.net
cdn.sophi.io
1    18.155.68.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-125.sin52.r.cloudfront.net
apps.sophi.io
1    104.89.118.131 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-118-131.deploy.static.akamaitechnologies.com
s.go-mpulse.net
2    74.125.68.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f97.1e100.net
www.googletagmanager.com
2    104.18.29.38 (None, )

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
13    74.125.130.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
2    23.76.212.194 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-76-212-194.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
3    13.227.249.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-249-127.sin52.r.cloudfront.net
c.amazon-adsystem.com
5    13.224.249.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-98.sin52.r.cloudfront.net
tags.crwdcntrl.net
42    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
match.taboola.com
pips.taboola.com
imprchmp.taboola.com
wf.taboola.com
vidanalytics.taboola.com
vidstatb.taboola.com
3    142.250.4.84 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f84.1e100.net
accounts.google.com
1    18.155.68.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-32.sin52.r.cloudfront.net
static.adsafeprotected.com
4    35.71.130.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com
ecollector-us-east.sophi.io
2    184.51.137.72 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-137-72.deploy.static.akamaitechnologies.com
a.teads.tv
at.teads.tv
19    52.84.251.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-112.sin5.r.cloudfront.net
a051.oregonlive.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
s.skimresources.com
1    52.84.251.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-128.sin5.r.cloudfront.net
ats-wrapper.privacymanager.io
17    184.51.241.170 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-241-170.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
7    74.125.68.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f139.1e100.net
news.google.com
6    104.17.182.177 (None, )

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
api-v3.tinypass.com
6    74.125.200.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f101.1e100.net
www.google-analytics.com
1    13.35.18.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-18-49.sin5.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    184.51.241.81 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-241-81.deploy.static.akamaitechnologies.com
s.ntv.io
3    13.227.254.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-75.sin52.r.cloudfront.net
sb.scorecardresearch.com
1    151.101.65.140 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
4    157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
4    52.84.251.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-52.sin5.r.cloudfront.net
cdn.keywee.co
1    151.101.108.157 (Tokyo, Japan)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    42.99.140.192 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-192.pacnet.net
snap.licdn.com
1    52.84.251.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-74.sin5.r.cloudfront.net
ak.sail-horizon.com
1    18.155.68.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-88.sin52.r.cloudfront.net
cdn-magiclinks.trackonomics.net
1    18.155.66.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-66-79.sin52.r.cloudfront.net
z-na.associates-amazon.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
4    54.169.66.86 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-66-86.ap-southeast-1.compute.amazonaws.com
privacy.crwdcntrl.net
sync.crwdcntrl.net
4    52.74.67.35 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-67-35.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    184.51.136.140 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-136-140.deploy.static.akamaitechnologies.com
c.go-mpulse.net
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    23.76.223.160 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-76-223-160.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    104.18.25.112 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    54.88.250.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-250-216.compute-1.amazonaws.com
advancelocal.blueconic.net
1    52.84.251.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-129.sin5.r.cloudfront.net
geo.privacymanager.io
3    35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
5    13.33.96.216 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-96-216.sin2.r.cloudfront.net
aax.amazon-adsystem.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    13.33.92.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-92-130.sin2.r.cloudfront.net
cdn.prod.uidapi.com
2    64.233.170.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f132.1e100.net
234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
6    67.199.150.81 (Singapore)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    54.149.208.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-208-24.us-west-2.compute.amazonaws.com
jadserve.postrelease.com
1    34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
6    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    104.69.166.9 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-9.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
2    3.222.18.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-18-142.compute-1.amazonaws.com
thrtle.com
1    13.227.255.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-255-71.sin52.r.cloudfront.net
cdn.parsely.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    54.87.117.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-117-119.compute-1.amazonaws.com
rp.liadm.com
1    142.251.12.102 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f102.1e100.net
ampcid.google.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
10    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
7    74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net
www.gstatic.com
1    52.84.251.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-44.sin5.r.cloudfront.net
cdn.linkedin.oribi.io
5    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
18    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
ch-match.taboola.com
ch-vid-events.taboola.com
ch-wf.taboola.com
2    124.146.215.50 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
17    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
1    35.158.65.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-65-41.eu-central-1.compute.amazonaws.com
ih.adscale.de
2    23.106.127.39 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
11    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
6    13.250.69.77 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-69-77.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
17    67.199.150.86 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
13    74.125.130.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f154.1e100.net
cm.g.doubleclick.net
15    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    209.191.163.208 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ce.lijit.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    23.106.127.165 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
4    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
21    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
7    103.43.90.54 (Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
3    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
5    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipapac.semasio.net
11    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
8    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
3    3.120.23.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-23-80.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
2    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
3    52.55.0.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-0-114.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    172.217.194.102 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f102.1e100.net
ampcid.google.com.au
7    52.71.184.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-184-108.compute-1.amazonaws.com
www.i.matheranalytics.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    34.206.250.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-250-88.compute-1.amazonaws.com
pixel.keywee.co
2    44.215.116.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-116-28.compute-1.amazonaws.com
assoc-na.associates-amazon.com
1    23.76.217.151 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-76-217-151.deploy.static.akamaitechnologies.com
ead.oregonlive.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
18    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
3    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
www.googletagservices.com
4    74.125.68.99 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f99.1e100.net
www.google.com
1    63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
p1.parsely.com
9    157.240.235.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
5    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
1    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
stats.g.doubleclick.net
2    54.64.50.102 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-50-102.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
16    142.250.4.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f139.1e100.net
play.google.com
3    184.51.240.213 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-240-213.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    13.228.126.19 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    13.33.88.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-32.sin2.r.cloudfront.net
cr-p3.ladsp.com
6    184.51.138.68 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-138-68.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    13.227.254.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-80.sin52.r.cloudfront.net
check.analytics.rlcdn.com
9    207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    34.83.125.63 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.125.83.34.bc.googleusercontent.com
um.simpli.fi
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
6    89.207.22.105 (Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin02-nessy-float1.dotomi.com
inmobi-match.dotomi.com
medianet-match.dotomi.com
pubmatic-match.dotomi.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    52.84.251.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-94.sin5.r.cloudfront.net
trx-hub.com
3    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
pagead2.googlesyndication.com
2    64.233.170.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f154.1e100.net
www.googleadservices.com
1    35.186.255.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.255.186.35.bc.googleusercontent.com
app.matheranalytics.com
1    104.16.240.21 (None, )

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
6    207.65.33.76 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
2    96.17.190.68 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-190-68.deploy.static.akamaitechnologies.com
video-ads.rubiconproject.com
5    42.99.140.177 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-177.pacnet.net
ads.stickyadstv.com
1    52.1.99.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-99-83.compute-1.amazonaws.com
idx.liadm.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
10    104.83.196.24 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
2    104.17.183.177 (None, )

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
10    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
14    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
static.advance.net
10    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    18.138.18.111 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
6    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    35.186.154.107 (Singapore)

ASN15169 (GOOGLE, US)
PTR: 107.154.186.35.bc.googleusercontent.com
cm-supply-web.gammaplatform.com
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    13.33.88.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-64.sin2.r.cloudfront.net
cdn.stickyadstv.com
1    18.139.77.230 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-77-230.ap-southeast-1.compute.amazonaws.com
optimized-by.rubiconproject.com
1    35.214.148.104 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 104.148.214.35.bc.googleusercontent.com
csync.loopme.me
3    23.36.48.24 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-48-24.deploy.static.akamaitechnologies.com
hbx.media.net
c21lg-d.media.net
1    198.8.71.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    74.118.186.107 (Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    96.17.188.24 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-188-24.deploy.static.akamaitechnologies.com
cs.media.net
2    52.76.217.203 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-217-203.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    64.74.236.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    34.199.73.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-73-116.compute-1.amazonaws.com
dmp.adblade.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
fonts.advance.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
1    139.162.23.100 (Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li865-100.members.linode.com
gocm.c.appier.net
1    74.118.186.106 (None, )

ASN- ()
tag.targeting.unrulymedia.com
Apex Domain
Subdomains		 Transfer
78 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1097
pm-widget.taboola.com — Cisco Umbrella Rank: 3561
trc.taboola.com — Cisco Umbrella Rank: 722
display.bidder.taboola.com Failed
vidstat.taboola.com — Cisco Umbrella Rank: 3007
ch-trc-events.taboola.com — Cisco Umbrella Rank: 4021
images.taboola.com — Cisco Umbrella Rank: 1924
sync.taboola.com — Cisco Umbrella Rank: 1173
sync-t1.taboola.com — Cisco Umbrella Rank: 1527
match.taboola.com — Cisco Umbrella Rank: 6264
pips.taboola.com — Cisco Umbrella Rank: 1803
cds.taboola.com — Cisco Umbrella Rank: 2110
imprchmp.taboola.com — Cisco Umbrella Rank: 5170
ch-match.taboola.com — Cisco Umbrella Rank: 5351
wf.taboola.com — Cisco Umbrella Rank: 3066
ch-vid-events.taboola.com — Cisco Umbrella Rank: 4848
vidanalytics.taboola.com — Cisco Umbrella Rank: 13162
vidstatb.taboola.com — Cisco Umbrella Rank: 5604
ch-wf.taboola.com — Cisco Umbrella Rank: 5606
653 KB
45 oregonlive.com
www.oregonlive.com — Cisco Umbrella Rank: 74996
a051.oregonlive.com — Cisco Umbrella Rank: 129494
ead.oregonlive.com — Cisco Umbrella Rank: 150864
1 MB
42 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 989
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 672
simage2.pubmatic.com — Cisco Umbrella Rank: 982
ads.pubmatic.com — Cisco Umbrella Rank: 651
image2.pubmatic.com — Cisco Umbrella Rank: 1137
simage4.pubmatic.com — Cisco Umbrella Rank: 1434
image4.pubmatic.com — Cisco Umbrella Rank: 1409
42 KB
31 google.com
accounts.google.com — Cisco Umbrella Rank: 52
news.google.com — Cisco Umbrella Rank: 6045
ampcid.google.com — Cisco Umbrella Rank: 2676
www.google.com — Cisco Umbrella Rank: 3
play.google.com — Cisco Umbrella Rank: 58
157 KB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228
cm.g.doubleclick.net — Cisco Umbrella Rank: 261
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 122
211 KB
26 googlesyndication.com
234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125
693 KB
25 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3492
ads.rubiconproject.com — Cisco Umbrella Rank: 2396
fastlane.rubiconproject.com Failed
pixel.rubiconproject.com — Cisco Umbrella Rank: 388
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3175
eus.rubiconproject.com — Cisco Umbrella Rank: 737
token.rubiconproject.com — Cisco Umbrella Rank: 748
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1308
video-ads.rubiconproject.com — Cisco Umbrella Rank: 5075
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 4098
206 KB
22 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1013
id5-sync.com — Cisco Umbrella Rank: 440
56 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 435
s.amazon-adsystem.com — Cisco Umbrella Rank: 349
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1142
75 KB
17 advance.net
static.advance.net — Cisco Umbrella Rank: 39428
fonts.advance.net — Cisco Umbrella Rank: 50209
377 KB
17 moatads.com
z.moatads.com — Cisco Umbrella Rank: 767
px.moatads.com — Cisco Umbrella Rank: 668
98 KB
16 media.net
prebid.media.net — Cisco Umbrella Rank: 1481
contextual.media.net — Cisco Umbrella Rank: 764
hbx.media.net — Cisco Umbrella Rank: 1405
cs.media.net — Cisco Umbrella Rank: 1735
c21lg-d.media.net — Cisco Umbrella Rank: 2745
37 KB
15 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 396
8 KB
13 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1073
privacy.crwdcntrl.net — Cisco Umbrella Rank: 31051
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036
sync.crwdcntrl.net — Cisco Umbrella Rank: 1028
52 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 406
278 KB
11 adform.net
c1.adform.net — Cisco Umbrella Rank: 720
7 KB
11 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545
ups.analytics.yahoo.com — Cisco Umbrella Rank: 356
5 KB
11 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 741
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 564
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760
dsum.casalemedia.com — Cisco Umbrella Rank: 1784
9 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 277
94 KB
10 openx.net
u.openx.net — Cisco Umbrella Rank: 935
oajs.openx.net — Cisco Umbrella Rank: 1546
google-bidout-d.openx.net — Cisco Umbrella Rank: 1553
us-u.openx.net — Cisco Umbrella Rank: 605
jp-u.openx.net — Cisco Umbrella Rank: 11334
2 KB
10 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 12161
www.i.matheranalytics.com — Cisco Umbrella Rank: 11921
app.matheranalytics.com — Cisco Umbrella Rank: 18623
44 KB
9 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
476 B
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 372
5 KB
8 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1400
uipapac.semasio.net — Cisco Umbrella Rank: 114369
4 KB
8 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 462
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4556
api.rlcdn.com — Cisco Umbrella Rank: 1165
id.rlcdn.com — Cisco Umbrella Rank: 1004
2 KB
8 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8714
cdn.tinypass.com — Cisco Umbrella Rank: 6313
buy.tinypass.com — Cisco Umbrella Rank: 7195
api-v3.tinypass.com — Cisco Umbrella Rank: 20199
152 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 275
5 KB
7 gstatic.com
www.gstatic.com
158 KB
7 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 4144
t.skimresources.com — Cisco Umbrella Rank: 4114
p.skimresources.com — Cisco Umbrella Rank: 5512
r.skimresources.com — Cisco Umbrella Rank: 3950
15 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 964
2 KB
6 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
cdn.stickyadstv.com — Cisco Umbrella Rank: 5347
108 KB
6 dotomi.com
inmobi-match.dotomi.com — Cisco Umbrella Rank: 12414
medianet-match.dotomi.com — Cisco Umbrella Rank: 13120
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4377
2 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 442
dis.criteo.com — Cisco Umbrella Rank: 745
2 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 62
21 KB
6 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 24094
apps.sophi.io — Cisco Umbrella Rank: 37616
ecollector-us-east.sophi.io — Cisco Umbrella Rank: 32520
38 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 615
1 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 421
www.linkedin.com — Cisco Umbrella Rank: 686
5 KB
5 keywee.co
cdn.keywee.co — Cisco Umbrella Rank: 18517
pixel.keywee.co — Cisco Umbrella Rank: 15667
35 KB
4 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1324
exchange.postrelease.com Failed
3 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
332 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 702
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1080
1 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1015
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
170 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 976
2 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1249
2 KB
3 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1027
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 817
637 B
3 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 1839
idx.liadm.com — Cisco Umbrella Rank: 2787
2 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1611
creativecdn.com — Cisco Umbrella Rank: 674
2 KB
3 associates-amazon.com
z-na.associates-amazon.com — Cisco Umbrella Rank: 11887
assoc-na.associates-amazon.com — Cisco Umbrella Rank: 4273
4 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 176
3 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6848
673 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 667
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1136
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1497
tag.targeting.unrulymedia.com
919 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1005
881 B
2 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3672
996 B
2 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 20898
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 849
cdn.indexww.com — Cisco Umbrella Rank: 1942
2 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 157
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 20129
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1189
810 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 948
881 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1719
1021 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 437
742 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1279
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1118
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1218
2 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 3705
494 B
2 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1702
712 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3350
p1.parsely.com — Cisco Umbrella Rank: 2516
21 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1501
669 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 776
stags.bluekai.com — Cisco Umbrella Rank: 716
1 KB
2 blueconic.net
advancelocal.blueconic.net — Cisco Umbrella Rank: 32735
2 KB
2 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1341
lexicon.33across.com Failed
16 KB
2 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3024
geo.privacymanager.io — Cisco Umbrella Rank: 2287
54 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1640
at.teads.tv — Cisco Umbrella Rank: 4903
4 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 785
588 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
210 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1498
c.go-mpulse.net — Cisco Umbrella Rank: 679
50 KB
2 satisfycork.com
satisfycork.com — Cisco Umbrella Rank: 34154
24 KB
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2822
437 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3491
243 B
1 adblade.com
dmp.adblade.com — Cisco Umbrella Rank: 8983
229 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1051
669 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1140
289 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 5379
391 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5826
4 KB
1 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 7541
464 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3942
566 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1009
659 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 3468
559 B
1 google.com.au
ampcid.google.com.au
370 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 3142
393 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 678
692 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1161
188 B
1 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3159
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1154
374 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 949
726 B
1 t.co
t.co — Cisco Umbrella Rank: 631
379 B
1 ml314.com
ml314.com — Cisco Umbrella Rank: 2146
404 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1835
2 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1691
8 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1460
17 KB
1 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 7387
28 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3808
33 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1072
5 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 978
15 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1500
8 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3990
163 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 751
481 B
0 bidr.io Failed
match.prod.bidr.io — Cisco Umbrella Rank: 727 Failed
538 113
Domain Requested by
25 www.oregonlive.com www.oregonlive.com
21 id5-sync.com 16 redirects www.oregonlive.com
cdn.id5-sync.com
micro.rubiconproject.com
19 a051.oregonlive.com www.oregonlive.com
a051.oregonlive.com
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.oregonlive.com
234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
tpc.googlesyndication.com
17 simage2.pubmatic.com www.oregonlive.com
s.amazon-adsystem.com
ads.pubmatic.com
16 play.google.com www.gstatic.com
16 cm.g.doubleclick.net 11 redirects www.oregonlive.com
google-bidout-d.openx.net
eus.rubiconproject.com
15 match.adsrvr.org 15 redirects
14 static.advance.net buy.tinypass.com
www.oregonlive.com
14 sync.taboola.com 2 redirects www.oregonlive.com
imprchmp.taboola.com
ch-match.taboola.com
eus.rubiconproject.com
13 px.moatads.com www.oregonlive.com
12 cdn.cookielaw.org www.oregonlive.com
cdn.cookielaw.org
11 c1.adform.net 9 redirects ads.pubmatic.com
11 cdn.taboola.com www.oregonlive.com
cdn.taboola.com
10 cdnjs.cloudflare.com buy.tinypass.com
10 contextual.media.net micro.rubiconproject.com
contextual.media.net
10 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ads.pubmatic.com
eus.rubiconproject.com
ssum-sec.casalemedia.com
www.oregonlive.com
10 securepubads.g.doubleclick.net 1 redirects www.oregonlive.com
securepubads.g.doubleclick.net
www.googletagservices.com
9 image2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
9 www.facebook.com www.oregonlive.com
9 ch-trc-events.taboola.com www.oregonlive.com
cdn.taboola.com
9 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
www.oregonlive.com
8 x.bidswitch.net 8 redirects
7 www.i.matheranalytics.com www.oregonlive.com
7 ib.adnxs.com 7 redirects
7 www.gstatic.com news.google.com
www.gstatic.com
7 trc.taboola.com cdn.taboola.com
www.oregonlive.com
imprchmp.taboola.com
ch-match.taboola.com
7 news.google.com www.googletagmanager.com
news.google.com
www.oregonlive.com
www.gstatic.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
6 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 eus.rubiconproject.com ch-match.taboola.com
eus.rubiconproject.com
micro.rubiconproject.com
6 pr-bh.ybp.yahoo.com 5 redirects s.amazon-adsystem.com
6 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
6 images.taboola.com www.oregonlive.com
6 image6.pubmatic.com 2 redirects ads.pubmatic.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.oregonlive.com
5 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
5 ads.stickyadstv.com 2 redirects vidstat.taboola.com
cdn.stickyadstv.com
5 token.rubiconproject.com 5 redirects
5 ups.analytics.yahoo.com 5 redirects
5 pixel.tapad.com 4 redirects s.amazon-adsystem.com
5 uipapac.semasio.net 4 redirects s.amazon-adsystem.com
5 idsync.rlcdn.com 2 redirects bcp.crwdcntrl.net
www.oregonlive.com
5 aax.amazon-adsystem.com c.amazon-adsystem.com
5 tags.crwdcntrl.net www.oregonlive.com
tags.crwdcntrl.net
securepubads.g.doubleclick.net
4 ch-wf.taboola.com vidstat.taboola.com
4 simage4.pubmatic.com ads.pubmatic.com
4 www.google.com 1 redirects securepubads.g.doubleclick.net
234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 dis.criteo.com 4 redirects
4 px.ads.linkedin.com 2 redirects www.oregonlive.com
eus.rubiconproject.com
4 jadserve.postrelease.com 1 redirects s.ntv.io
www.oregonlive.com
4 bcp.crwdcntrl.net tags.crwdcntrl.net
4 cdn.keywee.co 1 redirects www.oregonlive.com
cdn.keywee.co
4 connect.facebook.net www.oregonlive.com
connect.facebook.net
4 z.moatads.com www.oregonlive.com
z.moatads.com
securepubads.g.doubleclick.net
4 ecollector-us-east.sophi.io cdn.sophi.io
3 fonts.advance.net static.advance.net
3 sync.1rx.io 3 redirects
3 ad.turn.com 3 redirects
3 cms.quantserve.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 us-u.openx.net 1 redirects google-bidout-d.openx.net
3 ads.pubmatic.com s.amazon-adsystem.com
micro.rubiconproject.com
3 ch-vid-events.taboola.com www.oregonlive.com
vidstat.taboola.com
3 www.googletagservices.com securepubads.g.doubleclick.net
234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
3 sync.srv.stackadapt.com 3 redirects
3 rtb.mfadsrvr.com 3 redirects
3 uipglob.semasio.net 3 redirects
3 sync-t1.taboola.com www.oregonlive.com
3 sync.crwdcntrl.net bcp.crwdcntrl.net
s.amazon-adsystem.com
3 t.skimresources.com www.oregonlive.com
s.skimresources.com
3 sb.scorecardresearch.com 1 redirects www.oregonlive.com
3 accounts.google.com www.oregonlive.com
accounts.google.com
3 c.amazon-adsystem.com www.oregonlive.com
c.amazon-adsystem.com
2 pubmatic-match.dotomi.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 c21lg-d.media.net contextual.media.net
2 creativecdn.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 pm.w55c.net 2 redirects
2 cs.media.net contextual.media.net
2 medianet-match.dotomi.com 2 redirects
2 image4.pubmatic.com www.oregonlive.com
2 pippio.com 2 redirects
2 cm-supply-web.gammaplatform.com 2 redirects
2 cm.ambientdsp.com 2 redirects
2 video-ads.rubiconproject.com vidstat.taboola.com
2 www.googleadservices.com www.oregonlive.com
2 vidanalytics.taboola.com cdn.taboola.com
2 inmobi-match.dotomi.com 2 redirects
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net google-bidout-d.openx.net
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 ch-match.taboola.com vidstat.taboola.com
2 googleads.g.doubleclick.net 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
2 assoc-na.associates-amazon.com z-na.associates-amazon.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
2 oajs.openx.net 1 redirects www.oregonlive.com
2 pixel-sync.sitescout.com 2 redirects
2 t.adx.opera.com 1 redirects www.oregonlive.com
2 eb2.3lift.com 1 redirects www.oregonlive.com
2 u.openx.net 1 redirects www.oregonlive.com
2 sync.mathtag.com 2 redirects
2 ce.lijit.com 1 redirects www.oregonlive.com
2 ssbsync.smartadserver.com 1 redirects www.oregonlive.com
2 tg.socdm.com 2 redirects
2 api.sail-personalize.com ak.sail-horizon.com
2 alb.reddit.com www.oregonlive.com
2 rp.liadm.com 1 redirects www.oregonlive.com
2 thrtle.com 1 redirects bcp.crwdcntrl.net
2 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 p.skimresources.com www.oregonlive.com
2 advancelocal.blueconic.net a051.oregonlive.com
2 cdn-ima.33across.com www.oregonlive.com
securepubads.g.doubleclick.net
2 gum.criteo.com cdn.taboola.com
contextual.media.net
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 js.matheranalytics.com 1 redirects www.oregonlive.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 www.googletagmanager.com www.oregonlive.com
www.googletagmanager.com
2 satisfycork.com www.oregonlive.com
satisfycork.com
1 tag.targeting.unrulymedia.com vidstat.taboola.com
1 gocm.c.appier.net 1 redirects
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 api-v3.tinypass.com cdn.tinypass.com
1 id.rlcdn.com contextual.media.net
1 dmp.adblade.com contextual.media.net
1 stags.bluekai.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 p.rfihub.com 1 redirects
1 hbx.media.net contextual.media.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 csync.loopme.me 1 redirects
1 optimized-by.rubiconproject.com video-ads.rubiconproject.com
1 cdn.stickyadstv.com vidstat.taboola.com
cdn.stickyadstv.com
1 tags.rd.linksynergy.com 1 redirects
1 js-sec.indexww.com micro.rubiconproject.com
1 api.rlcdn.com micro.rubiconproject.com
1 idx.liadm.com micro.rubiconproject.com
1 vidstatb.taboola.com www.oregonlive.com
1 c2.piano.io cdn.tinypass.com
1 app.matheranalytics.com js.matheranalytics.com
1 trx-hub.com www.oregonlive.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 um.simpli.fi 1 redirects
1 check.analytics.rlcdn.com micro.rubiconproject.com
1 wf.taboola.com vidstat.taboola.com
1 imprchmp.taboola.com vidstat.taboola.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 stats.g.doubleclick.net www.google-analytics.com
1 p1.parsely.com www.oregonlive.com
1 cds.taboola.com cdn.taboola.com
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 ead.oregonlive.com www.oregonlive.com
1 pips.taboola.com cdn.taboola.com
1 pixel.keywee.co www.oregonlive.com
1 ampcid.google.com.au www.google-analytics.com
1 match.taboola.com www.oregonlive.com
1 inv-nets.admixer.net 1 redirects
1 rtb-csync.smartadserver.com www.oregonlive.com
1 bh.contextweb.com www.oregonlive.com
1 trace.mediago.io 1 redirects
1 ih.adscale.de www.oregonlive.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 analytics.twitter.com www.oregonlive.com
1 t.co www.oregonlive.com
1 ampcid.google.com www.google-analytics.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 htlb.casalemedia.com micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 tags.bluekai.com bcp.crwdcntrl.net
1 ml314.com bcp.crwdcntrl.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.tinypass.com experience.tinypass.com
1 r.skimresources.com s.skimresources.com
1 at.teads.tv a.teads.tv
1 geo.privacymanager.io ats-wrapper.privacymanager.io
1 ads.rubiconproject.com micro.rubiconproject.com
1 cdn.id5-sync.com www.oregonlive.com
1 secure.cdn.fastclick.net www.oregonlive.com
1 c.go-mpulse.net s.go-mpulse.net
1 privacy.crwdcntrl.net tags.crwdcntrl.net
1 z-na.associates-amazon.com www.googletagmanager.com
1 cdn-magiclinks.trackonomics.net www.oregonlive.com
1 ak.sail-horizon.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 www.redditstatic.com www.oregonlive.com
1 s.ntv.io www.oregonlive.com
1 d1z2jf7jlzjs58.cloudfront.net www.oregonlive.com
1 experience.tinypass.com www.oregonlive.com
1 ats-wrapper.privacymanager.io www.oregonlive.com
1 s.skimresources.com www.googletagmanager.com
1 a.teads.tv www.googletagmanager.com
1 static.adsafeprotected.com www.oregonlive.com
1 micro.rubiconproject.com www.oregonlive.com
1 s.go-mpulse.net www.oregonlive.com
1 apps.sophi.io www.oregonlive.com
1 cdn.sophi.io www.oregonlive.com
0 match.prod.bidr.io Failed www.oregonlive.com
0 lexicon.33across.com Failed cdn-ima.33across.com
micro.rubiconproject.com
0 exchange.postrelease.com Failed micro.rubiconproject.com
0 display.bidder.taboola.com Failed micro.rubiconproject.com
0 fastlane.rubiconproject.com Failed micro.rubiconproject.com
538 211
Subject Issuer Validity Valid
advancelocal.web.arc-cdn.net
R3		 2023-07-20 -
2023-10-18		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
satisfycork.com
R3		 2023-06-25 -
2023-09-23		 3 months crt.sh
cdn.sophi.io
Amazon RSA 2048 M02		 2023-02-28 -
2023-11-15		 9 months crt.sh
apps.sophi.io
Amazon RSA 2048 M01		 2023-03-18 -
2024-04-15		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.sophi.io
Amazon RSA 2048 M01		 2023-04-11 -
2024-05-10		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
w723.lonestarlive.com
Amazon RSA 2048 M01		 2023-07-07 -
2024-08-04		 a year crt.sh
*.skimresources.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-25 -
2023-11-08		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-13 -
2024-08-12		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-10-26		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-12 -
2023-10-08		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-27 -
2023-08-25		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-01-16		 a year crt.sh
*.trackonomics.net
Sectigo RSA Domain Validation Secure Server CA		 2022-12-01 -
2023-12-01		 a year crt.sh
assoc-na.associates-amazon.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.blueconic.net
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-06		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-06-27 -
2023-09-25		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
ml314.com
GTS CA 1D4		 2023-08-05 -
2023-11-03		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-07-05 -
2023-10-03		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-20 -
2024-08-19		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-23 -
2024-07-23		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2023-10-15		 6 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.anyword.com
Amazon RSA 2048 M01		 2023-06-05 -
2024-07-03		 a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01		 2023-04-25 -
2024-05-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh
*.adscale.de
Amazon RSA 2048 M01		 2023-03-10 -
2024-04-07		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adx.opera.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-22 -
2024-06-20		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-05-02 -
2024-05-30		 a year crt.sh
*.google.com.au
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-01-13		 10 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
pixel.keywee.co
Amazon ECDSA 256 M01		 2023-02-01 -
2024-03-01		 a year crt.sh
li.lisecurelink.com
R3		 2023-06-07 -
2023-09-05		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-07-14 -
2023-10-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-06-27 -
2024-07-24		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.trx-hub.com
Amazon RSA 2048 M02		 2023-01-21 -
2024-02-19		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
app.matheranalytics.com
GTS CA 1D4		 2023-08-10 -
2023-11-08		 3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-29		 8 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
advancelocal.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-10 -
2024-09-10		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-09 -
2024-02-09		 a year crt.sh
dmp.adblade.com
R3		 2023-06-29 -
2023-09-27		 3 months crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
sync-dsp.ad-m.asia
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh

This page contains 60 frames:

Primary Page: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Frame ID: A4E5F47BCFF7837FA73B3048388D88D9
Requests: 281 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=965
Frame ID: B95203670ECADAE57B9E6B8F2DF0D0B3
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4417484203577249
Frame ID: BAA33CD2675E5B5B6E01DE496260C227
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=136%2C86%2C61%2C14%2C12%2C125&c=965&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: E0B67DE751284CFD85C3AF24805409C9
Requests: 7 HTTP requests in this frame

Frame: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AB8C23E8F670EF717206E97EC89CBFCF
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 1D20E7B5E92701799ACB8F0789D462C9
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1692335036643&sut=AVu%2FYL0ZZ0LuldqTCx77NVZRadtHUbYP3%2FR4%2FmAzPypkk5N16VIC9C04zrlGB1eOtVhDBFM9NXrq6cX07wNsbMmR62YTK59Mjhaga2cbD0wNEuQG&publicationId=oregonlive.com
Frame ID: 22F7F610C4DCF575A6B1DD7DD99DEB37
Requests: 18 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
Frame ID: 30860B47426770F3EEFE43457519BE5A
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZN77vsCo8YkAAOVljagAAAAA
Frame ID: EFD48ED4D983C5E3140B7E57023A7E30
Requests: 23 HTTP requests in this frame

Frame: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B324D11BAF6F1529189C0DA4DE7837F7
Requests: 9 HTTP requests in this frame

Frame: https://z.moatads.com/advancedigitaldfp80721595993/moatad.js
Frame ID: 1D663046E359103201160784450A6C16
Requests: 8 HTTP requests in this frame

Frame: https://z.moatads.com/advancedigitaldfp80721595993/moatad.js
Frame ID: 5A289C5B7777408CADDFBE3922D038A6
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/index.html
Frame ID: A84170E22368888BA3D023F633A411C9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 51837461D6A0DC7421E070517CCABF68
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 638865B9E5121E10BDF48002FAA2C6A4
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: B8EF6B3BBD6F67A6E73EC3099A0F57D2
Requests: 1 HTTP requests in this frame

Frame: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&cmcv=&pix=undefined&cb=1692335038326&uv=3321&tms=1692335038326&abt=166721b_vA!206725b_vA!nonrv_vA!t45!testmsn_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=2ecf79cf-056b-4465-a7d7-d8ba08796f2a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 2E824CDF1CC67E17E5C02FF99822D63A
Requests: 4 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 0022BA4EF24CC4CFCBB8E9C9C3AA141D
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=7863576873242556398&ex=appnexus.com
Frame ID: 50C9852A3652B299DB6CE330804A48C9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: E1DAB32ABABBCDDCF367D64D4CB56FB9
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: ADE2FD5A1E1728B59CD0C7DAD37CE8DF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 34CF0B46E693836088185B80D2667CA0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: 3473B4CE2CD4FACA4AA8FA0CBFC06749
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 567B0796EA0BB9CF32D625CB9BF66738
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID551EE106-756F-4E51-B29D-5D3D95B38A23
Frame ID: 39D052C01517B212F56BC9D21A57282C
Requests: 1 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 45C75742CFC6A7D665938FC8F1A9087E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: 046EECD99FD51111CA1FFE14212DBC8E
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 40C28B2F6D629C111821CBF93F7C9E57
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: F4140B0DDB5E5FFDD6F5F242C14C1CFF
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: 80A2C32C59038BF7F859B8C311A62717
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gpp=DBABLA~BVQqAAAACgA.QA&gpp_sid=7
Frame ID: 6FA4AA3DDCEE7EA8DE1D0CB05A641755
Requests: 2 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Frame ID: 4A7A5BC1675C92B51D36B03689701F45
Requests: 30 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 587B7C9EBDDFFAEA7ED3CF56C00818BB
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
Frame ID: 30963BD2F79783C2F3A12825D9FA8F53
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1T_KpYVpzfPOPpqm1T2DooE_zPXOMp2kgDIqp5Jr
Frame ID: 6D6326A94991B63D295C51428D087840
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=118o1bwn7gl9
Frame ID: 30ADE427C11C34EEF9150E00768CA893
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7863576873242556398&gdpr=0&gdpr_consent=
Frame ID: B7F20AE58C53DAB903F876BBE507D2A4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 49147486CC96755ACD4B039873BF4F85
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN77wwAAAPAQywBV
Frame ID: B5B56B342F0A72F65D5B3EB3E73131FB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
Frame ID: D23CD09C36DCC2081FC5E002456AF75D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=afej6twsv6tr
Frame ID: 1041038220A001090E7A11FA2DAD8CA2
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
Frame ID: F6B9565410967D1A9104F3EBCFBE0C3D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MgzvSGJa6B4pDb9LMAymHDNb6hspXelOMQHlTC5E
Frame ID: 9CCB0D43B9924370D42FA65685E07DED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=118o1bwworz4
Frame ID: 73DAD777AFD312593F88FD9B73A0570C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7863576873242556398&gdpr=0&gdpr_consent=
Frame ID: 4F397B90582295997F29913700B0A420
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 1D55BF020F0F37C4C353C327E8A7E35F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN77wwAJZreGIgAN
Frame ID: ED94EF8482C6B283C963599CE15E47A5
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID551EE106-756F-4E51-B29D-5D3D95B38A23
Frame ID: 1C0396F84FC56AE0DF6690300EC0487B
Requests: 1 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31050.js
Frame ID: 66AA35E4C4ABC385873C21FB03E98264
Requests: 2 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 136959CD1D02419F0D1406568F6B5253
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3353366432889778000V10&type=rkt&refUrl=&vid=23350435163353366432889778000V10&ovsid=1977432093378128057
Frame ID: 2BBA849398BF6EAE7E7474A45D32CE67
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
Frame ID: B598C3A56D19BC81831457A08FEF4F81
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=afej6twsv6tr
Frame ID: 7F8EFDC35667AE558DFB7BD1495B28A9
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 4B13760641E6C16B86B9629B2C5748B7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7665fa5896fc4041a02edd47b9750c21
Frame ID: 11423DACCAE5FC640DFEA0F7C0723812
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUc166af47755d431da875e2ed02f2fa1f&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Frame ID: 0FEF46FBDBA35775811FA98A3444CC71
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: C76C4E11FD20D64FA4E4B53C0F05EFD4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=yozjjDr8BI6V_7FNxvveZA
Frame ID: 90622A9F0E37B3441B4C69C18880CC63
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E81B254DFDCA4B9872BA237261939CD8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D2770948572B24B759581A0584021BE6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Computers still down in Oregon county hit by cyberattack - oregonlive.comLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

538
Requests

83 %
HTTPS

0 %
IPv6

113
Domains

211
Subdomains

141
IPs

13
Countries

6028 kB
Transfer

18150 kB
Size

235
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://cdn.keywee.co/dist/analytics.min.js HTTP 301
  • https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Request Chain 61
  • https://js.matheranalytics.com/s/ma63527/484602609/all/ml.js?cb=1632 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Request Chain 110
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0
Request Chain 111
  • https://jadserve.postrelease.com/dmp/5?vk=4d9a01da34958f70238a20be8a904041/gdpr=0&ntv_r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D8157%2Ftp%3DNLDN%2Ftpid%3DNTV_USER_ID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=41a191d8-5ae5-4a33-94c3-903e4621595e/gdpr=0
Request Chain 115
  • https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=4d9a01da34958f70238a20be8a904041 HTTP 302
  • https://thrtle.com/insync?gdpr=0&vxii_pdid=4d9a01da34958f70238a20be8a904041&vxii_pid=12&vxii_pid1=10014&vxii_rcid=8f0cb452-945b-4635-920a-a00e6e5ddaa8
Request Chain 130
  • https://rp.liadm.com/j?dtstmp=1692335036193&se=e30&duid=4ba582fb2221--01h83gen8xktc15tdqmhqd5kny&pu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&wpn=prebid HTTP 302
  • https://rp.liadm.com/j?dtstmp=1692335036193&se=e30&duid=4ba582fb2221--01h83gen8xktc15tdqmhqd5kny&pu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&wpn=prebid&n3pc=true
Request Chain 133
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1692335036218&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&c7=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&c8=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%20-%20oregonlive.com&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1692335036218&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&c7=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&c8=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%20-%20oregonlive.com&c9=
Request Chain 144
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
Request Chain 153
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1692335036900&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1692335036900&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1692335036900%26url%3Dhttps%253A%252F%252Fwww.oregonlive.com%252Fnews%252F2020%252F01%252Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1692335036900&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&tm=gtmv2&cookiesTest=true&liSync=true
Request Chain 171
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZN77vsCo8YkAAOVljagAAAAA
Request Chain 174
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLG4L5CG-H-2N2O
Request Chain 175
  • https://pr-bh.ybp.yahoo.com/sync/taboola/03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-wbRxwo5E2oSmVpnDy.5zNSRAUHa5vBfx.mZh.g--~A
Request Chain 176
  • https://trace.mediago.io/ju/cs/taboola HTTP 302
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=eeb3dec9450921e4872c6d86c6f2fe95
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELd8cbQVOVxiSbHRMKBUEME&google_cver=1
Request Chain 179
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c
Request Chain 180
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=03fe9b01-43dc-4fda-ad2d-91fffd659144
Request Chain 181
  • https://ce.lijit.com/merge?pid=42&3pid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 184
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=00ba0101-218e-463a-b0f2-54fd1550533a
Request Chain 185
  • https://id5-sync.com/s/464/9.gif?puid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=7863576873242556398&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipapac.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipapac.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/5/3.gif?puid=934F23FD2378EBFB&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/10/4/4.gif?puid=1908309046779791046&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ac515wr6dudasH1VE53MPiPSY9HObRpr63_ilCgPMg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F3%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/3/5.gif?puid=37a564de-fbc3-4a00-9e7e-2bfe50407375&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=8b999cfa-351b-4b8b-9198-9c822931a478&ttl=%%TTL%% HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/1/7.gif?puid=3642a27d-858e-4c26-b54a-6e8c703ac9d3&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F0%2F8.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/10/0/8.gif?puid=1908309046779791046&gdpr=0&gdpr_consent=
Request Chain 186
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtaboola%26bsw_param%3D9c6d1569-389b-4141-9965-a0c573d5deff%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=542863e733184c42bdcf045574989afa&ssp=taboola&bsw_param=9c6d1569-389b-4141-9965-a0c573d5deff&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 187
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b891cd1a-f4d0-4056-8fe1-6a338fe37346 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b891cd1a-f4d0-4056-8fe1-6a338fe37346&tbid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&query=taboola_hm%3Db891cd1a-f4d0-4056-8fe1-6a338fe37346&isDirect=0
Request Chain 189
  • https://eb2.3lift.com/xuid?mid=7772&xuid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 190
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=T5JGdZOhWWx9qO_rLbwWkELLcKE
Request Chain 192
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=82b92d3a-18f1-4b13-a1fb-769fac7dc1ab
Request Chain 193
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&0&&us_privacy=&redir= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=121&0&&us_privacy=&redir= HTTP 302
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=e4314d07-0d11-48d6-99a3-aa5b810dead3-64defbc0-5553
Request Chain 206
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&rid=esp&cc=1
Request Chain 269
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7863576873242556398&ex=appnexus.com
Request Chain 274
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=03fe9b01-43dc-4fda-ad2d-91fffd659144
Request Chain 275
  • https://pr-bh.ybp.yahoo.com/sync/taboola/03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-C121MzVE2oTt.3G2DpSjw5xFHjJbO7oaTdmlJw--~A
Request Chain 276
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-a7IooBNE2uG9uTacXETc27lu1XVN7cu6~A&gdpr_in_effect=0
Request Chain 279
  • https://match.adsrvr.org/track/cmf/openx?oxid=0583ce19-f2f0-7a44-d355-77190d00651f&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=0583ce19-f2f0-7a44-d355-77190d00651f&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=03fe9b01-43dc-4fda-ad2d-91fffd659144&ttd_puid=0583ce19-f2f0-7a44-d355-77190d00651f&gdpr=0&gdpr_consent=
Request Chain 280
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZN77v8Co8YkAAOVljeMAAAAA
Request Chain 281
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AaFKKtbFoNeVks8AD7Il_4IwPs8AAAGKBwdj-w
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOGoBctB7X3Nupz9teDnpnk&google_cver=1
Request Chain 288
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8b999cfa-351b-4b8b-9198-9c822931a478
Request Chain 289
  • https://pr-bh.ybp.yahoo.com/sync/taboola/03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-cwgGRtBE2oQ5EwSxpDfGe8rIWrJuvKGrgbzuhg--~A
Request Chain 291
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VR7hBnVvTlGynV09lbOKIw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 307
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=551EE106-756F-4E51-B29D-5D3D95B38A23 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=551EE106-756F-4E51-B29D-5D3D95B38A23 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3642a27d-858e-4c26-b54a-6e8c703ac9d3%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8b999cfa-351b-4b8b-9198-9c822931a478&ttd_puid=3642a27d-858e-4c26-b54a-6e8c703ac9d3%2C%2C
Request Chain 309
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=551EE106-756F-4E51-B29D-5D3D95B38A23&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipapac.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=551EE106-756F-4E51-B29D-5D3D95B38A23&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=551EE106-756F-4E51-B29D-5D3D95B38A23&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTUxRUUxMDYtNzU2Ri00RTUxLUIyOUQtNUQzRDk1QjM4QTIz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ-16_erUMgiz3hKaz0y4_k&google_cver=1
Request Chain 312
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F0A81E0D1BBC488EBBC038DE7AB08D2B
Request Chain 314
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8b999cfa-351b-4b8b-9198-9c822931a478&gdpr=0&gdpr_consent=
Request Chain 315
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=7edfd391-d5a6-42c6-90bb-c48894b916f4&expires=1&user_group=5&ssp=pubmatic&bsw_param=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 322
  • https://id5-sync.com/i/392/8.gif?id5id=ID5*JYGQuMpCN7hk9xHQJYdc9NpAYJPR5uUPEB26wadcDtFcDv-W3AAfX7AqJtgLoFzLXA8rsj3IG0F-VGI3S8vmog&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F392%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipapac.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F392%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/392/112/7/2.gif?puid=8A4747CF8C22792&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ac515wr6dudasH1VE53MPiPSY9HObRpr63_ilCgPMg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F392%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/392/3/6/3.gif?puid=37a564de-fbc3-4a00-9e7e-2bfe50407375&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F392%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/392/108/5/4.gif?puid=3642a27d-858e-4c26-b54a-6e8c703ac9d3&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/392/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/392/2/4/5.gif?puid=7863576873242556398&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=8b999cfa-351b-4b8b-9198-9c822931a478&ttl=%%TTL%% HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F392%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/392/10/2/7.gif?puid=1908309046779791046&gdpr=0&gdpr_consent= HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=LLG4L5CG-H-2N2O&gdpr=0 HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=2141ce61f1162281&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/822.gif?puid=AAAMQiMznviFNgMPlTAHAAAAAAA&expiration=1692421446&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 324
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LLG4L5CG-H-2N2O HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLG4L5CG-H-2N2O&gdpr=0&us_privacy=1---
Request Chain 325
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODRjMmQxNGMzY2I5Yjg4YmI4ZmIwMjYyZjhmODRiNTY0OTJlOTAyZQ&gdpr=0&us_privacy=1---
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEP8Od1vImlrzLbb8D84UmfE&google_cver=1
Request Chain 327
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/x8z3Z6UU5BECyIRZm84PgQ?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nTp9sNJE2oJZYo40DnDNJLhZRAd3DTcH_fnE1A--~A
Request Chain 328
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8b999cfa-351b-4b8b-9198-9c822931a478&gdpr=0&gdpr_consent=&expires=30
Request Chain 330
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExHNEw1Q0ctSC0yTjJP&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEDs_I_cFeszPWGswqeJyLmA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExHNEw1Q0ctSC0yTjJP&google_push=&gdpr=0
Request Chain 331
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLG4L5CG-H-2N2O&gdpr=0&us_privacy=1---
Request Chain 332
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kBTidpe4RWS6hjmxVpt9sQ&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kBTidpe4RWS6hjmxVpt9sQ&gdpr=0
Request Chain 350
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CNfgEvfveZOzsDYyLssUPot-c-AjqqNqvcraH67HiEZjo5IeYFRABILfI00dgpYCAgJABoAHtwtm1AsgBCeACAKgDAcgDAqoE6gJP0AoSLgurB2PUAeyuvTELonKyPLvCup2ahDuNs4e5xg69mY9oKYo5Y2M-P_OlWsLul-Uc7xUvaabdDr4Epahf187xVZHDGKy4WZsu3titLBiaY8LDbFiTEbK3JhNZvjRhtB7DXfJ5-YwB0cSumBpc5Yih-HkQKKhnFgVWOWvFiMBHvlofuZqIpmvNOdmh-1OjcdS_BgRDP3q7TmGKOnIAoIHWmEqGp3jlV52ZuYwLdT1vwpfA1AKQpPRYsMZ1Un6us_SKpGqo05Ju0eRlRWBIWldb01JsGcmHYz8rL6V1Bu84bd0NaS-JK2xV9vlrADBldAhLHyblHWx_3nLyIWAbMgi7lEwa2Yp2B9vbExMermXsNTV9MNZ--E1cvuU3mQoPkO5zVVunig9nvt8GtRU5qayDd0s2qEjxswgN67j9BQ7k35RYK3J5PbLwp4G5vSAxZybg_bQQOqJHD9HBEdN7SM_kwEeEIXbvcMAE44HT9cwE4AQBkgUECAQYAZIFBAgFGASgBl2AB_u8psoBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqKIM0ggUCIBhEAEYHTICigI6AoBASL39wTqaCaoBaHR0cHM6Ly9tdXNjbGUtYm9vc3Rlci5pbz9icmFuY2gtbmFtZT1jaGFpciZ0ZXN0LW5hbWU9Z28xY2loJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJmNhbXBhaWduX2lkPTIwNDU0MTA2MjM4JmFkZ3JvdXBfaWQ9MTU4MDg2Nzc1MDExJmFkX2lkPTY2OTcyMjc3MTAwNCZ1dG1fdGVybT2ACgPICwHaDBAKChDg9dSazcS9_gcSAgED2BMN0BUBmBYBgBcBshceChwIABIUcHViLTY0MjIyMzE2NTE0OTMyNzgY35Ef&sigh=uNJfgdjtRoc&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWKuU_arY4FG9rlvI8qEaJRbdeBROJituB_QAaRAWtYadpm-PcvmSaXdiDC7b3qbTqH1LGnvw0jBgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa4ca99c8ae68f21a0000000000000000%22,%222%22:%220x93703c8f2be0035e0000000000000000%22,%225%22:%220x815472d132c9d7af0000000000000000%22},%22debug_key%22:%224469048895941089650%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22649486701%22],%224%22:[%2208-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223729397240287554513%22}&andc=true
Request Chain 375
  • https://pr-bh.ybp.yahoo.com/sync/taboola/03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-3MNfTbtE2oRhvMwQ4.XNwLMg88Y2fps.uh0YgQ--~A
Request Chain 376
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-a7IooBNE2uG9uTacXETc27lu1XVN7cu6~A&gdpr_in_effect=0
Request Chain 401
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 429
  • https://c1.adform.net/serving/cookie/match?party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
Request Chain 430
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1T_KpYVpzfPOPpqm1T2DooE_zPXOMp2kgDIqp5Jr
Request Chain 431
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=118o1bwn7gl9
Request Chain 432
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7863576873242556398&gdpr=0&gdpr_consent=
Request Chain 433
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 434
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN77wwAAAPAQywBV
Request Chain 435
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
Request Chain 436
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=afej6twsv6tr
Request Chain 437
  • https://idsync.rlcdn.com/420486.gif?partner_uid=551EE106-756F-4E51-B29D-5D3D95B38A23 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=92678aca106c222dfaade70d089ca5dde1281feb3daece9ca445e3b61ace0fcf791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5MjY3OGFjYTEwNmMyMjJkZmFhZGU3MGQwODljYTVkZGUxMjgxZmViM2RhZWNlOWNhNDQ1ZTNiNjFhY2UwZmNmNzkxNDI2YjU0MTdkY2UyMRAAGgwIw_f7pgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5MjY3OGFjYTEwNmMyMjJkZmFhZGU3MGQwODljYTVkZGUxMjgxZmViM2RhZWNlOWNhNDQ1ZTNiNjFhY2UwZmNmNzkxNDI2YjU0MTdkY2UyMRAAGgwIw_f7pgYSBAgCEABCAEoA&google_gid=CAESEDSKwbK0nOApkUZY0l9r8nA&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=a0a6e585-e542-4f7b-8599-bf6bda753f75
Request Chain 438
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=551EE106-756F-4E51-B29D-5D3D95B38A23&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.vX.eVhE2uXlC3h2y_4mvHjMfO22y5Q-~A&gdpr=0
Request Chain 439
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3129732796144541368
Request Chain 440
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3716523809623638564&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 441
  • https://c1.adform.net/serving/cookie/match?party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
Request Chain 442
  • https://idsync.rlcdn.com/420486.gif?partner_uid=551EE106-756F-4E51-B29D-5D3D95B38A23 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=5045b17f-3fb7-4c24-8c2c-f7ea349b04c7
Request Chain 443
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MgzvSGJa6B4pDb9LMAymHDNb6hspXelOMQHlTC5E
Request Chain 444
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=118o1bwworz4
Request Chain 445
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7863576873242556398&gdpr=0&gdpr_consent=
Request Chain 446
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 447
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=551EE106-756F-4E51-B29D-5D3D95B38A23&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.vX.eVhE2uXlC3h2y_4mvHjMfO22y5Q-~A&gdpr=0
Request Chain 448
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN77wwAJZreGIgAN
Request Chain 454
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?us_privacy=1---&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN77wm-kt8ryulzCHlnBYwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELVQiTGvJkeky_yV29dLqK0&google_cver=1
Request Chain 456
  • https://match.adsrvr.org/track/cmf/casale?us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8b999cfa-351b-4b8b-9198-9c822931a478&expiration=1694927043&gdpr=0&gdpr_consent=
Request Chain 457
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN77wm_kt8ryulzCHlnBYwAAEmsAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELAxLoKJ8ankqpLuhmZAck8&google_cver=1
Request Chain 458
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3a24a65-2fb7-4df6-8a6e-a73cc0302135&gpp_sid=null&gpp=null&us_privacy=1---&gdpr_consent=null&gdpr=null
Request Chain 459
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4530681814726889376&gdpr=0&gdpr_consent=
Request Chain 460
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&us_privacy=1--- HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&us_privacy=1---&_test=ZN77wwAGMnYSbgBV HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN77wwAGMnYSbgBV&us_privacy=1---&_test=ZN77wwAGMnYSbgBV
Request Chain 461
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&us_privacy=1--- HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7863576873242556398&us_privacy=1---
Request Chain 466
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Drkt%26refUrl%3D%26vid%3D23350435163353366432889778000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3353366432889778000V10&type=rkt&refUrl=&vid=23350435163353366432889778000V10&ovsid=1977432093378128057
Request Chain 467
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Dcon%26refUrl%3D%26vid%3D23350435163353366432889778000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7af504b98647257b&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Dcon%26refUrl%3D%26vid%3D23350435163353366432889778000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3353366432889778000V10&type=con&refUrl=&vid=23350435163353366432889778000V10&ovsid=AAAJrVUv6KOD8QM6wH7KAAAAAAA&expiration=1692421444&is_secure=true
Request Chain 468
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Dr1%26refUrl%3D%26vid%3D23350435163353366432889778000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Dr1%26refUrl%3D%26vid%3D23350435163353366432889778000V10%26ovsid%3D%5BRX_UUID%5D&cb=1692335044108 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7206829049 HTTP 302
  • https://sync.1rx.io/usersync/turn/3716523809623638564?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-bf7e7654-3a31-4510-adb4-9e67b63e59de-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Dr1%26refUrl%3D%26vid%3D23350435163353366432889778000V10%26ovsid%3DRX-bf7e7654-3a31-4510-adb4-9e67b63e59de-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3353366432889778000V10&type=r1&refUrl=&vid=23350435163353366432889778000V10&ovsid=RX-bf7e7654-3a31-4510-adb4-9e67b63e59de-004
Request Chain 469
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzM1MzM2NjQzMjg4OTc3ODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEG-HGEgg_t0nFKFow_rQB3I&google_cver=1
Request Chain 470
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Ddxu%26refUrl%3D%26vid%3D23350435163353366432889778000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Ddxu%26refUrl%3D%26vid%3D23350435163353366432889778000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3353366432889778000V10&type=dxu&refUrl=&vid=23350435163353366432889778000V10&ovsid=EPncLZo91QwREw5
Request Chain 471
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=00ba0101-218e-463a-b0f2-54fd1550533a
Request Chain 472
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=medianet&gdpr=0&user_id=nLEaoMznHfaHsEqjnrFT9J3mH_OH4Bymn7wTPGGS HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 473
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Dzem%26refUrl%3D%26vid%3D23350435163353366432889778000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=53I2OPE7Joc9Vv-EHxBm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJVGNETET2QIU3UU33DHFLHMLKFJB4EE3LIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDGMZVGA2DGNJRGYZTGNJTGM3DMNBTGI4DQOJXG44DAMBQKYYTAJTWONUWIPJTGM2TGMZWGY2DGMRYHA4TONZYGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJVGNETET2QIU3UU33DHFLHMLKFJB4EE3LIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDGMZVGA2DGNJRGYZTGNJTGM3DMNBTGI4DQOJXG44DAMBQKYYTAJTWONUWIPJTGM2TGMZWGY2DGMRYHA4TONZYGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=53I2OPE7Joc9Vv-EHxBmhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=23350435163353366432889778000V10&vsid=3353366432889778000V10
Request Chain 475
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3353366432889778000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=b891cd1a-f4d0-4056-8fe1-6a338fe37346&cs=1
Request Chain 477
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8b999cfa-351b-4b8b-9198-9c822931a478
Request Chain 478
  • https://creativecdn.com/cm-notify?pi=medianet HTTP 302
  • https://creativecdn.com/cm-notify?pi=medianet&tc=1 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=kbhJOymLa2OtKuhbL3so&pi=medianet&tc=1
Request Chain 490
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=DBABLA~BVQqAAAACgA.QA&gpp_sid=7 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=42e4c623bb801e1484f732704e29e096&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=w8a9c_7268523676445433364&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=8b999cfa-351b-4b8b-9198-9c822931a478&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=42e4c623bb801e1484f732704e29e096&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&892=8b999cfa-351b-4b8b-9198-9c822931a478&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=w8a9c_7268523676445433364&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAEUCU7JvfgAACRKRN-VbQ&dataProviderId=817&gdpr=0 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=42e4c623bb801e1484f732704e29e096&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&26913=AAEUCU7JvfgAACRKRN-VbQ&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=w8a9c_7268523676445433364&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAEUCU7JvfgAACRKRN-VbQ&dataProviderId=817&gdpr=0 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=42e4c623bb801e1484f732704e29e096&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&26913=AAEUCU7JvfgAACRKRN-VbQ&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=w8a9c_7268523676445433364&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/42e4c623bb801e1484f732704e29e096?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-GoEHL6NE2oN9GQo205VW8dayjjJUlLFLRZnbHRg.~A HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=42e4c623bb801e1484f732704e29e096&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&717=y-GoEHL6NE2oN9GQo205VW8dayjjJUlLFLRZnbHRg.%7EA HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=w8a9c_7268523676445433364&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Request Chain 498
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NDJlNGM2MjNiYjgwMWUxNDg0ZjczMjcwNGUyOWUwOTY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 499
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=42e4c623bb801e1484f732704e29e096&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 503
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
Request Chain 504
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1908309046779791046
Request Chain 505
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=afej6twsv6tr
Request Chain 507
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7665fa5896fc4041a02edd47b9750c21
Request Chain 508
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUc166af47755d431da875e2ed02f2fa1f&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Request Chain 510
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=yozjjDr8BI6V_7FNxvveZA
Request Chain 511
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3716523809623638564&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 512
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=156c1c0eef6a1b3f&is_secure=true&networkId=17100&version=1&nuid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJrVUv6KOElwMjFL35AAAAAAA&expiration=1692421445&nuid=551EE106-756F-4E51-B29D-5D3D95B38A23&is_secure=true&gdpr_consent=&gdpr=0

538 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request computers-still-down-in-oregon-county-hit-by-cyberattack.html
www.oregonlive.com/news/2020/01/ 		218 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
dc92c8999198a51265f009ec6da651581b61a33dcae9f42848c9ce659b6077bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

akamai-true-ttl
-1
cache-control
private, max-age=60
content-encoding
gzip
content-length
38952
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 05:03:52 GMT
etag
W/"35678-WrJOaXTCuZnS+muI5mL5pylePG0"
expires
Fri, 18 Aug 2023 05:04:52 GMT
last-modified
Fri, 18 Aug 2023 05:03:52 GMT
referrer-policy
no-referrer-when-downgrade
server
openresty
server-timing
cdn-cache; desc=REVALIDATE edge; dur=774 origin; dur=433 ak_p; desc="1692335031304_711167148_17606066_120671_10564_184_373_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 36863 0 pmb=mRUM,2
x-amz-cf-id
CoD9mDEzaQSpelLovkZzsYt5zv7c3p9g42rqzgKUcy4WlzASFLinUA==
x-amz-cf-pop
ORD56-P4
x-arc-pb-request-id
79be78f0-174d-4e8e-8f48-b7c2769e8a10 d404eefd-6234-4cad-8734-5dd6bb18351f
x-arc-request-id
0.ac8c632a.1692335031.10ca5b2
default.css
www.oregonlive.com/pf/dist/components/output-types/ 		45 B
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.oregonlive.com/pf/dist/components/output-types/default.css?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb078
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033102_711167148_17608824_28_8714_184_0_255";dur=1
content-length
57
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:31 GMT
server
openresty
etag
"534bb0614e61e484cae7d5dc8ecc424c"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
NgtdX9wz6AYHtg5RGeBiXdu0CHRqUPNSOp_sy9e2N0HpQkox5X206A==
expires
Sat, 17 Aug 2024 05:03:53 GMT
default.css
www.oregonlive.com/pf/dist/components/combinations/ 		419 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.oregonlive.com/pf/dist/components/combinations/default.css?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
01fd9c87ffa9fb58c3fb0467e6ec1f5a7ffbf5d7295c7b65d7279d15f2c8c1f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL56-C1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb079
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033102_711167148_17608825_27_8944_184_0_255";dur=1
content-length
64393
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:31 GMT
server
openresty
etag
W/"4c7274445a1c80a71741d0568eeb888b"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
yrV6-gmvsa2LdvUdPwKtgXkgvjbGkg_NZ2p_5bjDjKDg2x93H3g_eQ==
expires
Sat, 17 Aug 2024 05:03:53 GMT
style.css
www.oregonlive.com/pf/resources/dist/oregonlive/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.oregonlive.com/pf/resources/dist/oregonlive/css/style.css?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
267e3a2203571c2cc40b3ac7d7cc77dd00ef3673896af1244df949968280be42
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb07a
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033102_711167148_17608826_31_8706_184_0_255";dur=1
content-length
506
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"1f517006ce641ec9ae1d173f01aec8a5"
x-edgeconnect-cache-status
0
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
ZdK_yMD8lS5LpOPXi8B4_rcZJQ3YxFE-gE1CWRnmNugx274oCvkwug==
expires
Sat, 17 Aug 2024 05:03:53 GMT
react.js
www.oregonlive.com/pf/dist/engine/ 		352 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oregonlive.com/pf/dist/engine/react.js?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
c13e730af67227371b6b25dbbb6a6f8f1ea677a98e54d4e09ca1486a7d5417a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb551
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033737_711167148_17610065_36_9301_184_0_146";dur=1
content-length
107944
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:31 GMT
server
openresty
etag
W/"6a6cf643b8c124190c98fc9073f76db1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
pVNuYYsYgw9msqsyVAn8TjEUnqEaVtRytR7-LQU5pAeMHch92ojNaA==
expires
Sat, 17 Aug 2024 05:03:53 GMT
default.js
www.oregonlive.com/pf/dist/components/combinations/ 		2 MB
453 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oregonlive.com/pf/dist/components/combinations/default.js?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
87508a160ad090c4ed36da45d17e48081fae6ee2322896211021cbea380eff93
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL56-C1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb56a
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033749_711167148_17610090_116_8769_184_0_146";dur=1
content-length
462808
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:31 GMT
server
openresty
etag
W/"23e59e2b5cc566c8624d899f90fd9e91"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
tYkemc1PBcWinYIWcoosHW9fzofUsJokJc1SwunWCtyj7ABZC-fU5g==
expires
Sat, 17 Aug 2024 05:03:53 GMT
166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
www.oregonlive.com/pf/resources/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.oregonlive.com/pf/resources/fonts/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Origin
https://www.oregonlive.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb07b
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033102_711167148_17608827_35_8659_184_0_219";dur=1
content-length
54391
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"63c3700153fd19bac6ac63c816251c03"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
22C1HJLeWJDaKVK89lR3HTRdi8mXdaLEPabLcfXk2vWhZJ_ElCV0rw==
expires
Sat, 17 Aug 2024 05:03:53 GMT
448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
www.oregonlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.oregonlive.com/pf/resources/fonts/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Origin
https://www.oregonlive.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb07c
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033102_711167148_17608828_40_8655_184_0_219";dur=1
content-length
53376
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"00b8650c0e6992c5c9ced8f621e43ffd"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
y6dpw8j5TAStU_B-vGqFyYbQQZabvcnhZALF4fToWvvGdIuMtJAKig==
expires
Sat, 17 Aug 2024 05:03:53 GMT
a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff
www.oregonlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.oregonlive.com/pf/resources/fonts/a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Origin
https://www.oregonlive.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD56-P4
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb07d
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033102_711167148_17608829_40_8612_184_0_219";dur=1
content-length
53862
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"527a99c70868c89d6be3cc11a8feb999"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
WIshC6Ky-IZB4tsF2atZ7NQ_ws-IS7FKbxwQu-paSrmxjUTFzc_E8g==
expires
Sat, 17 Aug 2024 05:03:53 GMT
farnhamheadline-medium.woff
www.oregonlive.com/pf/resources/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.oregonlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Origin
https://www.oregonlive.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb07f
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033102_711167148_17608831_42_9029_184_0_219";dur=1
content-length
36831
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"05b85684cbf3bc11490297c50cfd67c3"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
kH5765IH7SSYWdd2-9s-v2SrFnx_6HzLbOr2BddJ_7MfEbtI0_R3Ng==
expires
Sat, 17 Aug 2024 05:03:53 GMT
farnhamheadline-semi-bold.woff
www.oregonlive.com/pf/resources/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.oregonlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Origin
https://www.oregonlive.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL56-C1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb080
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033102_711167148_17608832_41_8772_184_0_219";dur=1
content-length
37066
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
YFwHDw-yEcUMA6vCAnW5DkU9j0Fu6hqSDneKsk-JxlhUhwdudlEDBg==
expires
Sat, 17 Aug 2024 05:03:53 GMT
SPI7P5TEK5HPNGQEJDQZY3BDJU.JPG
www.oregonlive.com/resizer/IHFcSnzk9HPv_U1ROLo00jVcuJ0=/800x0/smart/arc-anglerfish-arc2-prod-advancelocal.s3.amazonaws.com/public/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/resizer/IHFcSnzk9HPv_U1ROLo00jVcuJ0=/800x0/smart/arc-anglerfish-arc2-prod-advancelocal.s3.amazonaws.com/public/SPI7P5TEK5HPNGQEJDQZY3BDJU.JPG
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Server /
Resource Hash
a69bd03902a192069b0da5ab6dfa0716ae471768a27169daeca4d4862d15070e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
300
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 18 Aug 2023 05:03:58 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
etag
"0e1f66a7a6ba26d5071e24aefc13774c45f0e875"
x-arc-request-id
0.ac8c632a.1692335033.10cb56b
content-type
image/jpeg
cache-control
private, max-age=300
server-timing
cdn-cache; desc=MISS, edge; dur=779, origin; dur=3897, ak_p; desc="1692335033749_711167148_17610091_467707_10084_184_0_219";dur=1
x-akamai-note
original-image
content-length
77316
expires
Fri, 18 Aug 2023 05:08:58 GMT
iabCcpaIntegrationScript-noGAM.js
cdn.cookielaw.org/opt-out/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.170.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 05:03:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ZkLmnzyu8aoAQNwZHm6Yqw==
age
355
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
92965cfc-901e-0118-2ce1-5ab326000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f879cebbbaba89e-SYD
logo_main_inverse.svg
www.oregonlive.com/pf/resources/images/oregonlive/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/pf/resources/images/oregonlive/logos/logo_main_inverse.svg?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
4302184dc2fbb5a79ca1d4aff202b3765ca02b66a143330d9b8cda00e8373ad4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL56-C1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb56c
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033750_711167148_17610092_179_8301_184_0_146";dur=1
content-length
3177
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"c42135171c86843d697e4ff9e7b9136d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
X4v_SqP1MOqWXf8GY7DAcnAjqaFBRj9RZo8ae3v3JT69BH9NmxseSw==
expires
Sat, 17 Aug 2024 05:03:53 GMT
logo_main_sm.svg
www.oregonlive.com/pf/resources/images/oregonlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/pf/resources/images/oregonlive/logos/logo_main_sm.svg?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
d1e32ebab2bdf5ce44bbafbc57e6788f5eb0c9ae6b0d499f5038bfa8147a3c51
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb56d
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033760_711167148_17610093_1548_9051_184_0_146";dur=1
content-length
746
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"c49149634ed4f8a4fc059bfa63e29957"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
uhHQGuToVx3lUvN3lLdiSINtpKM2hsFRygIHgyyExf2i6vOa29AxTg==
expires
Sat, 17 Aug 2024 05:03:53 GMT
facebook.svg
www.oregonlive.com/pf/resources/images/common/logos/ 		643 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/pf/resources/images/common/logos/facebook.svg?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
d916a11c273edc69e2cc3c965ab77bbb3a38144b7e1c32932d30cb438bf0d494
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL56-C1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb56e
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033749_711167148_17610094_125_8682_184_0_146";dur=1
content-length
391
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"a0fc0683d116fb29711e1590c024630e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
NFQA3J9GjOlcy7WFI0C4wqUgm02bTc0fiBKohmdUjdWb2uwL2RHzuA==
expires
Sat, 17 Aug 2024 05:03:53 GMT
twitter.svg
www.oregonlive.com/pf/resources/images/common/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/pf/resources/images/common/logos/twitter.svg?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
789228062659fc3c5412265a5a836b6c4d79b2ccde24f14952bc7409a267938b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD56-P4
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb56f
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033750_711167148_17610095_213_8578_184_0_146";dur=1
content-length
660
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"c78cf749050a48f890188cd9d72632c9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
CItMXnc2fF-vq8xJdRsUB5dYxRqFjZjdzeKjM7PFph6I0Adt8fCZeg==
expires
Sat, 17 Aug 2024 05:03:53 GMT
logo_footer.png
www.oregonlive.com/pf/resources/images/oregonlive/logos/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/pf/resources/images/oregonlive/logos/logo_footer.png?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
7eee9e000aaabdab2fc4d8b5d7ed31a4253269f090b7be4dca7b3cb0398f2b63
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 18 Aug 2023 05:03:53 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 16:04:20 GMT
server
Akamai Image Manager
etag
W/"649e5a3e0a9246cd8a5d527ce31784d7"
x-arc-request-id
0.ac8c632a.1692335033.10cb570
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31489250
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033749_711167148_17610096_275_10471_184_0_146";dur=1
content-length
7761
expires
Fri, 16 Aug 2024 16:04:43 GMT
AdvanceLocal_horizontal.svg
www.oregonlive.com/pf/resources/images/common/logos/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/pf/resources/images/common/logos/AdvanceLocal_horizontal.svg?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb571
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033749_711167148_17610097_127_9226_184_0_146";dur=1
content-length
3554
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"3770993da506fb6d4bbccfcdcc3a4800"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
_VS6XFhRpXP_LYw2hnPjisullzP2IgK2AJ4bWwjsPZLe-xw8nRL8Dw==
expires
Sat, 17 Aug 2024 05:03:53 GMT
privacyoptions29x14.png
www.oregonlive.com/pf/resources/images/common/icons/ 		626 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/pf/resources/images/common/icons/privacyoptions29x14.png?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
81d96c2c7c2e932a708503820d985a2cec124fb641787b758321ffae78359ce8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 18 Aug 2023 05:03:53 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 16:04:18 GMT
server
Akamai Image Manager
etag
W/"3becc0b0069622544a1ffb2da90eebe3"
x-arc-request-id
0.ac8c632a.1692335033.10cb572
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31489317
server-timing
cdn-cache; desc=HIT, edge; dur=18, ak_p; desc="1692335033749_711167148_17610098_1940_9677_184_0_146";dur=1
content-length
626
expires
Fri, 16 Aug 2024 16:05:50 GMT
ad-choices-arrow.png
www.oregonlive.com/pf/resources/images/common/logos/ 		190 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 18 Aug 2023 05:03:53 GMT
x-check-cacheable
YES
x-arc-request-id
0.ac8c632a.1692335033.10cb6b1
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1692335033923_711167148_17610417_427_11288_184_0_146";dur=1
content-length
190
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 16:04:18 GMT
server
Akamai Image Manager
x-serial
809
etag
W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31489190
expires
Fri, 16 Aug 2024 16:03:43 GMT
v2zrwiLW-achVplS3ys-fY6fLnX5yJM-xY5XAcs-tuqstRjN7A1etgL0
satisfycork.com/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2zrwiLW-achVplS3ys-fY6fLnX5yJM-xY5XAcs-tuqstRjN7A1etgL0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
322f142ce35a13ac012bf711dc8cbeaceb71ec8412210b78d35551400e901c33
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 18 Aug 2023 05:03:54 GMT
x-datacenter
gce-asia-east1
etag
"74cd02343e3563cb1f6d12554766d352365ffac8fde5a0a2ebc64910b726c9a5"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-mx29
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
971037043
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sophi.min.js
cdn.sophi.io/advancelocal/ 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/advancelocal/sophi.min.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-34.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 01:14:10 GMT
x-amz-version-id
.qZXsiAWjTa0yWFLcXE5U.grm2eEgIL7
content-encoding
br
last-modified
Mon, 27 Feb 2023 17:38:35 GMT
server
AmazonS3
via
1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
x-amz-server-side-encryption
AES256
etag
W/"0915af152c652f927c398faa26e9904b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
13785
x-amz-cf-id
KOdo4htKnJ_3MEAHRtyvYGlcu3DBtdm0EBsXKYt5Rm-D8bAil5Oj3A==
al-oregonlive.segments.min.js
apps.sophi.io/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.sophi.io/latest/al-oregonlive.segments.min.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-125.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a93dedd108ae410c46fc75f617609e111581aa7f90720c27ceb5206313758adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
5x2IR7J0xkwIt3g4z.AO9yl7geO3_2Sr
content-encoding
gzip
via
1.1 d9b92c8e025d0ae3b9e15cd61fa52236.cloudfront.net (CloudFront)
date
Fri, 18 Aug 2023 05:03:36 GMT
last-modified
Thu, 09 Feb 2023 19:54:03 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
19
x-amz-server-side-encryption
AES256
etag
W/"97f59f2fbc7ca0c69eafb22b7847c3c5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=0
x-amz-cf-id
ftG4GS4fxCXZSVC02YOlRJs3qA80Q6bXOA_81xu7f-lI1uImrm3LlA==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.170.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 05:03:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
X1C0PY0lSDg1JSpsyFxfYA==
age
3123
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6837
x-ms-lease-status
unlocked
last-modified
Thu, 17 Aug 2023 19:31:03 GMT
server
cloudflare
etag
0x8DB9F587E9B1B98
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bef2d7ac-a01e-0054-6b43-d176d4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f879cebbbaca89e-SYD
ZJZ6B-5MMG4-NRYDS-PZZP3-UH9TA
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/ZJZ6B-5MMG4-NRYDS-PZZP3-UH9TA
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.89.118.131 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-118-131.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:54 GMT
content-encoding
br
last-modified
Tue, 08 Aug 2023 16:38:31 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/ 		463 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PJ8XJM8
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8da6cd8ebb2600b722aa58f0c47d111b68c2434f69fa30f686fad807a4734cb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
131028
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 18 Aug 2023 05:03:54 GMT
chevron-white.svg
www.oregonlive.com/pf/resources/images/common/arrows/ 		864 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/pf/resources/images/common/arrows/chevron-white.svg?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/pf/dist/components/combinations/default.css?d=1106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/pf/dist/components/combinations/default.css?d=1106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD52-C3
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb6b2
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1692335033922_711167148_17610418_266_7796_184_0_219";dur=1
content-length
486
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"691552a6377a1dfc9eeae87d6aeb8931"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
BFm829F7JWc8X6eWW_ygOiGQGM7mV7HGF7lSs5de2D3tVo1nro47ow==
expires
Sat, 17 Aug 2024 05:03:53 GMT
icon-bookmark.svg
www.oregonlive.com/pf/resources/images/common/icons/ 		923 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/pf/resources/images/common/icons/icon-bookmark.svg?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/pf/dist/components/combinations/default.css?d=1106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
e2dbdbfc9ef1ab5a177115fa45531f6229974e37ae5ec6562dc7a8d0208bee62
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/pf/dist/components/combinations/default.css?d=1106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb6b3
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033922_711167148_17610419_122_7697_184_0_146";dur=1
content-length
483
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"a1d9fc562a5f53cae49af64cb9389107"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
dzDo9m8ojveelGfSnGae3LSiy6z8dbpV0rmSZB5KT-EGhUXPP9XmBg==
expires
Sat, 17 Aug 2024 05:03:53 GMT
icon-bookmarks.svg
www.oregonlive.com/pf/resources/images/common/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/pf/resources/images/common/icons/icon-bookmarks.svg?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/pf/dist/components/combinations/default.css?d=1106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
ff048888d2deed4fd6b3bb53479d76447f4c7ba23295c9f9d40b095741f3fc2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/pf/dist/components/combinations/default.css?d=1106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:53 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335033.10cb6b4
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335033922_711167148_17610420_88_7732_184_0_146";dur=1
content-length
800
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"a0dc7c8223ace06a43c1edd08fa11fab"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
uzLPzX7lYsjRt_NqwtFxMEEeBY8MXemMchy5hdTEUoimd0813L7Spw==
expires
Sat, 17 Aug 2024 05:03:53 GMT
e2930f61-9d70-4270-994d-cc7ff49ba4d2.json
cdn.cookielaw.org/consent/e2930f61-9d70-4270-994d-cc7ff49ba4d2/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/e2930f61-9d70-4270-994d-cc7ff49ba4d2/e2930f61-9d70-4270-994d-cc7ff49ba4d2.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.170.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38903147ff1e9dc2a0bbcaca21cf98dae4cb131964fe3e5f33fd04275736ce2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 05:03:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
15404
content-md5
X7K2P0toslqJdzUfuWJTVQ==
content-length
1806
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 17:57:31 GMT
server
cloudflare
etag
0x8DB9838F00D3718
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5b57c009-101e-00a5-6721-ca6ff9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f879cef7b2fa86a-SYD
expires
Sat, 19 Aug 2023 05:03:54 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		86 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4db37df55d8f1152c4cc550d1696cfbf7923f4e608a621dc8550b7ebfca83095
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7f879cef7949a823-SYD
vary
Accept-Encoding
content-type
text/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/pf/dist/components/combinations/default.js?d=1106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
44499c8739ee606153376700597887f6713fca2575fd495ae61b3a82199fbb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28941
x-xss-protection
0
server
cafe
etag
86 / 19587 / m202308100101 / config-hash: 7328467961731406261
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 05:03:55 GMT
10071.js
micro.rubiconproject.com/prebid/dynamic/ 		492 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/10071.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/pf/dist/components/combinations/default.js?d=1106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.76.212.194 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-76-212-194.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4148184b349e7b92ef422b4df626288f7ac44b983d314c7abb554c2e33009656

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:54 GMT
content-encoding
gzip
server
Apache
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-10071_OR_Desktop_Mobile.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
143394
expires
Fri, 18 Aug 2023 13:51:26 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/pf/dist/components/combinations/default.js?d=1106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.249.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-249-127.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 04:28:00 GMT
content-encoding
gzip
via
1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront), 1.1 265469026e8f406d053e31b75a003ea2.cloudfront.net (CloudFront)
last-modified
Thu, 10 Aug 2023 20:50:38 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, SIN52-C3
age
2154
x-amz-server-side-encryption
AES256
etag
W/"93708b50a97059783aafdf3c6548167d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
bvQ1vS4zMRMl6k3HgjeD1ndnVv1OdFLQ6ZpjkqKdwLHRar2DvdQcug==
lt.min.js
tags.crwdcntrl.net/lt/c/965/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/965/lt.min.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/pf/dist/components/combinations/default.js?d=1106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-98.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f05b942929ab03b8d85d83edf23bdd24aa08525250ac258ab7d336a59a7c218

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:40:00 GMT
content-encoding
gzip
via
1.1 5e9560902c947c0c0082c46d3ef672b8.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 18:37:44 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
62655
x-amz-server-side-encryption
AES256
etag
W/"ac901da2bbf27137a2aed3a30a43bc22"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
GWbRAwU4mbntkLz2ZpZ_6JBvxqdQVoryV-FJqGHuWRn8KHmVGFe1Qw==
loader.js
cdn.taboola.com/libtrc/advance-network/ 		305 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/advance-network/loader.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
837542c6b69f567cd30739d8999c27f9baada489ea0b869ee8c08c3803a6209f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
ota1PLClc8xYHSUyooxKiS3mfvAaRzNF
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 05:03:54 GMT
x-amz-request-id
1YY686NDRNR8QKET
age
10795
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
6
content-length
76139
x-amz-id-2
feC7ckLHxgahgIX91mOe++B8EIHc2KAqzOW/2+8FGtcB0DVTpY0XFcd7J8U8oUGikUZpz3RYCro=
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Thu, 17 Aug 2023 23:00:47 UTC
server
nginx
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692335035.920844,VS0,VE0
etag
"5e3fa6eaba6cd14b31886fcb46ed1c7c44993bfa"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
25
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
4
icon-menu-outline.svg
www.oregonlive.com/pf/resources/images/common/icons/ 		523 B
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/pf/resources/images/common/icons/icon-menu-outline.svg?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/pf/dist/components/combinations/default.css?d=1106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.oregonlive.com/pf/dist/components/combinations/default.css?d=1106
Origin
https://www.oregonlive.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:54 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335034.10cbaed
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692335034461_711167148_17611501_57_11372_184_0_219";dur=1
content-length
278
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"ef41b0e325b0902f9a8781e21cc20457"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
image/svg+xml
access-control-allow-origin
*, *
cache-control
public, max-age=31536000
x-amz-cf-id
3pGavxcF70tCZSMoNUDKKMLjNavL4_B5SI_RZlrD7z-W5YYvhnUNqg==
expires
Sat, 17 Aug 2024 05:03:54 GMT
client
accounts.google.com/gsi/ 		194 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/pf/dist/components/combinations/default.js?d=1106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f84.1e100.net
Software
ESF /
Resource Hash
67b40be10ffac90397c104e864d8a6ea43a9f59a441e0576fbf2b16edeea045e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ix8b4RMG86janGloYQpdaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:55 GMT
content-security-policy
script-src 'report-sample' 'nonce-ix8b4RMG86janGloYQpdaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 18 Aug 2023 05:03:55 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=yjvbku_728x90_
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-32.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 04:32:31 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
age
433885
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
9s2fTitcmNvKR7Z7hfq-08Isx4KTIttPECn8x7MZh4YfwPrqYtCq8Q==
user-white.svg
www.oregonlive.com/pf/resources/images/common/icons/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oregonlive.com/pf/resources/images/common/icons/user-white.svg?d=1106
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/pf/dist/components/combinations/default.css?d=1106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/pf/dist/components/combinations/default.css?d=1106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 18 Aug 2023 05:03:54 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1692335034.10cbb1c
server-timing
cdn-cache; desc=HIT, edge; dur=11, ak_p; desc="1692335034482_711167148_17611548_1135_10780_184_0_146";dur=1
content-length
2508
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Aug 2023 14:59:30 GMT
server
openresty
etag
W/"fdc13d9553130cf8463df06e8ba5682d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
RzxT7en3dFAOpr4sLMV0GvuxcNZ3oGQV3YPgzxegPWcvaM961W3DMA==
expires
Sat, 17 Aug 2024 05:03:54 GMT
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.oregonlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.oregonlive.com
access-control-max-age
600
content-length
0
date
Fri, 18 Aug 2023 05:03:55 GMT
server
nginx
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.oregonlive.com
date
Fri, 18 Aug 2023 05:03:55 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8XJM8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.137.72 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-137-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date
Fri, 18 Aug 2023 05:03:55 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id
49T14SP0DZJR3G1G
etag
"ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3418
x-amz-id-2
5c2ZdiPsPxEJ9hZPR+qZofbwIb2EuK6gmEwgla0w12gAGrnsa0I0Aht3U2cQFJ+oQcyigz+NSQTkJYcA5Zx40Q==
script.js
a051.oregonlive.com/ 		139 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/script.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
11f08bc0ed24c4b85ca08b55c13b3b3aa2ca53f67c6fd98041f05246380c0779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:00:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
age
186
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
42758
x-xss-protection
1; mode=block
last-modified
Fri, 18 Aug 2023 04:59:33 GMT
server
-
etag
1e264e6d7f1c776a3daac76f6642e454
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
dFrUkNxDoaIxk7meHLBacTeiWYFl-m4H0W0Myo8FkVYQyF-LRdDi3g==
expires
Fri, 18 Aug 2023 05:10:49 GMT
126006X1587347.skimlinks.js
s.skimresources.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/126006X1587347.skimlinks.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8XJM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
385a7f805b688c9ffe8b59f1e96d9dca64274e928538ddf9e302f96551288f54

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:55 GMT
content-encoding
gzip
last-modified
Mon, 12 Jun 2023 15:02:06 GMT
server
AmazonS3
x-amz-request-id
2C3ZJFM77FN5T6C9
etag
"d7939e6be6e41af21a1fbd1078ad0d0b"
x-hw
1692335035.cds210.sy2.hn,1692335035.cds015.sy2.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
14015
x-amz-id-2
yH5ZzQ39QA4Vl1hCAByL5B4g5WosSD5kZ1u7F/xYRtI3VEwZwROYiQ7gW7mLyBCV6uOedTUwsUU=
ats.js
ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-128.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eda9564c974e50e218b053250d32a0e164218ed2a8b4a17082e864c69de47802

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
zeLJ4GdTgGIR370ejJzMsAKjl_UhZEgh
content-encoding
gzip
via
1.1 4ac3d01dc034ade34c90e81091421c76.cloudfront.net (CloudFront)
date
Fri, 18 Aug 2023 04:10:19 GMT
last-modified
Thu, 17 Aug 2023 12:01:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
3296
x-amz-server-side-encryption
AES256
etag
W/"012b61b190412d4de535cc8e275b0641"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
UFGtXdlRYCrbJktkFJ4XOTE5qF35Hw6SwFbRI9KzL-wedTsQyc1Y3g==
moatheader.js
z.moatads.com/advanceddigitalheader640552616592/ 		242 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7a0abeb2041ae8220bd3d9bc68112383f9a03ab13379db7700834ab98d96e2d9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:55 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 18:06:47 GMT
server
AmazonS3
x-amz-request-id
1680KMBVRDFYXYHM
etag
"3a74c63d21bf47370afda9135eb157d9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=25371
accept-ranges
bytes
content-length
86670
x-amz-id-2
x5S6F+D0437Bexrys+s1SbfUc55OUGd8HT9aCjbtUaaN8q9IS+UDh4qWTAjyUkUhEDkNWdRGsJI=
swg.js
news.google.com/swg/js/v1/ 		200 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8XJM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
sffe /
Resource Hash
293375f65666d51bd1356489abafa609e5a47750829b0956ae23ea60a47a60b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 04:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59381
x-xss-protection
0
last-modified
Wed, 26 Jul 2023 18:06:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 05:19:17 GMT
load
experience.tinypass.com/xbuilder/experience/ 		338 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=aUOJ4c05bh
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.182.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
date
Fri, 18 Aug 2023 05:03:55 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 04:41:42 GMT
server
cloudflare
age
1333
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
7f879cf5c8ff551b-SYD
alt-svc
h3=":443"; ma=86400
x-request-id
kpnm6zqngd
expires
Fri, 18 Aug 2023 05:33:55 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8XJM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 05:03:40 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
16
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 18 Aug 2023 07:03:40 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-49.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 03:02:58 GMT
Via
1.1 bde90de775f830a27e211540ca659966.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SIN5-C1
Age
7257
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
jMBn-_W0lZnIladf2p9ShLAV2yedntM2Jpmdz8hCdGOC6fGKM7H7Jg==
Expires
Sat, 19 Aug 2023 03:02:58 GMT
load.js
s.ntv.io/serve/ 		615 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.241.81 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-81.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7e8e0dd52fdad574552c3e7f492becb949de12a2936ddae55844807b3e80e90d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 05:03:56 GMT
Content-Encoding
gzip
x-amz-request-id
A3P8VB0W1VFB6Q4E
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
a7BUrqkROIlLvplSDEkMjI+vDADeqg6saNiyTDYjIaVATmqbv3g8vgIRieWqnT9WkfqThVRMHkI=
Last-Modified
Thu, 17 Aug 2023 15:34:12 GMT
Server
AmazonS3
ETag
"db20caff20c655b418416921f457ce0c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-75.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:04:52 GMT
content-encoding
gzip
via
1.1 1a02409761988e5f5317a9c2166b3050.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
34042
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
WpLE3TEB3Pp2DmoYzYzZwPkzVtYK6c0a6VHu5EeckLB56GX3OZVxrw==
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
fbevents.js
connect.facebook.net/en_US/ 		173 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 18 Aug 2023 05:03:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47412
x-xss-protection
0
pragma
public
x-fb-debug
5+WzTY6s2I+CtPE4RKsefS2lgxyLLnhc7MNO2sNBEoJqpahrcGYP5Ut/MMLaTdULEx4/zHQzmsXx6S2F/Be/xw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics-1.5.12.min.js
cdn.keywee.co/dist/
Redirect Chain
  • https://cdn.keywee.co/dist/analytics.min.js
  • https://cdn.keywee.co/dist/analytics-1.5.12.min.js
22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
52.84.251.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-52.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 09:11:00 GMT
content-encoding
gzip
via
1.1 0b3572829f6f42309f3adfa694398770.cloudfront.net (CloudFront)
last-modified
Mon, 28 Dec 2020 09:55:56 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
244377
etag
W/"13a05c433850fad0455e2ee1a1707eb0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=259200,public
x-amz-cf-id
8uU42fcEfE_m8hmx5sk-vxwO52gipKkRMysiFWkbdtkirWQ-Ck-K6g==

Redirect headers

date
Fri, 18 Aug 2023 02:38:46 GMT
via
1.1 0b3572829f6f42309f3adfa694398770.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
8711
x-cache
Hit from cloudfront
location
/dist/analytics-1.5.12.min.js
content-length
0
x-amz-cf-id
coHZfcqIKje3gyasXuyQhA-7GHfXG_0f4ua8tOaOGdSKlGXuzsgtxQ==
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8XJM8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.108.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:56 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:08:41 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kcgs7200042-IAD, cache-tyo11967-TYO
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8XJM8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.192 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-192.pacnet.net
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
990, 990
date
Fri, 18 Aug 2023 05:03:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Jul 2023 09:07:54 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
1, 4
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=49652
accept-ranges
bytes
content-length
4862
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8XJM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-74.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:01:38 GMT
content-encoding
gzip
via
1.1 1a95269c34e986ace2bf21962deb2db4.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 16:11:15 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
138
x-amz-server-side-encryption
AES256
etag
W/"6f6b3838a24066fc24338c58c675bb27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
TiroziNkpGIqfEkMuGUbNGx2GhfqAtoRtGmHPtcAM1KkoapiwZjD1w==
advance_417d9_oregon.js
cdn-magiclinks.trackonomics.net/client/static/v2/ 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/advance_417d9_oregon.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-88.sin52.r.cloudfront.net
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
a87ef79face3a1a1e6562ef5e6c1c180aa81d286778b8b64b668bb7562aabb7f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 21:35:58 GMT
content-encoding
gzip
via
1.1 574ab88ff85f4ad30dd2d3a36c2bab20.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 12:32:55 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop
SIN52-P1
age
26879
etag
W/"17d93-5e2813c6ce220"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-id
6pC0-09NRB1U5_vqFq6CKUILclgwT83Ak7edSrxqhXNz720AqDh3sQ==
v2
z-na.associates-amazon.com/onetag/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=b15b987f-f5f5-4eb9-b883-884f1f3a7702
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8XJM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.66.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-66-79.sin52.r.cloudfront.net
Software
Server /
Resource Hash
0a4ab1dd16d5540e47bf0f752df56a0b928bfa95d911e767db1c1a542f93b94a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:57 GMT
content-encoding
gzip
accept-charset
UTF-8
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 1cd5c12ec5c5433e14b730e0a6a2276c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN52-P1
x-amz-rid
H6T276GPB2Y9B90XAJ7X
vary
accept-encoding,Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-id
XdOJBMT5ZhVGPhg5vMX0fmYuFYOZuUI0MX4O0v1uh-7_YUKqkLzYnQ==
ml.br.js
js.matheranalytics.com/static/ltm/ma63527/all/15/
Redirect Chain
  • https://js.matheranalytics.com/s/ma63527/484602609/all/ml.js?cb=1632
  • https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
142 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:21:21 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 07 Apr 2021 17:41:03 GMT
server
nginx
age
63755
etag
"8be38a11960c372ea9c4119961294047"
vary
Accept-Encoding
x-cache
HIT Sun, 18 Dec 2022 05:20:39 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42243

Redirect headers

date
Fri, 18 Aug 2023 05:03:56 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
5-gc-uswest1-t41p1018
js
www.googletagmanager.com/gtag/ 		234 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PWR1T65GXN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8XJM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4def2d299d9f9eede33180e33f85280a37054c22f3d8bf30d23a998a673939e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83185
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 18 Aug 2023 05:03:54 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		77 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22b95f2e160d8ec135358ce824808f0fe21b7f4dbc59ade7cc46bba981244990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7f879cf379ceaad7-SYD
access-control-allow-headers
Content-Type
set
privacy.crwdcntrl.net/consent/ 		301 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=965
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/965/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.66.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-66-86.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e8a4bb6fa3f1e6e95bd0d99442548109c7c30937d9736d43e962cecdcf2989ea

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:55 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache
x-server
10.42.25.251
access-control-allow-credentials
true
content-length
301
expires
0
data
bcp.crwdcntrl.net/6/ 		725 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/965/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.67.35 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-67-35.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
98c4cca1205b8a44c4680d22d824c9f004ac1bd61ebfbc1d1ca9dde5e196b964

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:55 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache
x-server
10.42.30.112
access-control-allow-credentials
true
content-length
725
expires
0
config.json
c.go-mpulse.net/api/ 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=ZJZ6B-5MMG4-NRYDS-PZZP3-UH9TA&d=www.oregonlive.com&t=5641117&v=1.720.0&sl=0&si=90835bce-2a33-4f6c-8337-d5337ba83b18-rzkm2e&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=468264
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ZJZ6B-5MMG4-NRYDS-PZZP3-UH9TA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.51.136.140 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-140.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
81f033d5ee2c8d5d5933e4ad5ef80dbfc94e84fc10c50ee249409d123d27090c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Aug 2023 05:03:56 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.oregonlive.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.249.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-249-127.sin52.r.cloudfront.net
Software
Server /
Resource Hash
9a2fec935a49dc9b8c69a9867c1762ef4e5d56b52e52b62c70a1fd09b9e67a1d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:54 GMT
via
1.1 265469026e8f406d053e31b75a003ea2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2451
x-amz-cf-id
i_S6ZwYcbkf3z-A3cZ3escKtT0c8E2DxGSeKq-N6kxJWsnQkT5seTA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.249.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-249-127.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 4107eb96660e4932c95658bc4727dd6c.cloudfront.net (CloudFront)
date
Fri, 18 Aug 2023 05:03:55 GMT
x-amz-cf-pop
SIN52-C3
age
13832
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
_-bmI2lQ_alOyoczzztp9Shyuiy581OMqWlYN-pVulRT16C2jirvfA==
collect
www.google-analytics.com/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PWR1T65GXN&gtm=45je38g0&_p=1442454486&cid=858605516.1692335035&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack&dp=%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&dl=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&sid=1692335035&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.headline=computers%20still%20down%20in%20oregon%20county%20hit%20by%20cyberattack&ep.author=bamaap&ep.entry_id=CINFM3HB25GGDPLVS5QIEHJCOQ&ep.page_type=cal&ep.product=cal&ep.platform=desktop&ep.user_subscription_status=undefined&ep.ab_test_group_user=sub-group-c&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=%40hp-top-stories&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&epn.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=Defense%20and%20Cybersecurity&ep.blog_category=news&ep.section=News&ep.article_date_original=2020-01-30T00%3A07%3A33.935Z&ep.article_date_updated=2020-01-30T00%3A07%3A33.935Z&ep.entity_type=location%7Cperson%7Clocation&ep.entity_value=City%20Hall%7CGordon%20McCraw%7CTillamook%20County&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined&ep.userid_flag=false&ep.targeting_codes7=undefined&ep.targeting_codes8=undefined&ep.targeting_codes9=undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PWR1T65GXN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b73197f97df74b1ab89b10031510398530f14ad04acf7efc95c4
satisfycork.com/send/ 		284 B
796 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/send/b73197f97df74b1ab89b10031510398530f14ad04acf7efc95c4
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2zrwiLW-achVplS3ys-fY6fLnX5yJM-xY5XAcs-tuqstRjN7A1etgL0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
09df9a62d101d9c0b6db0515d7d5c66378e56135f9eec0759bafd4d8c9728d25
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 18 Aug 2023 05:03:56 GMT
via
1.1 google
x-buildnumber
971037043
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
x-hostname
fen-hoothoot-asia-east1-mx29
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 18 Aug 2023 05:03:54 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:25:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
49124
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129087
x-xss-protection
0
server
cafe
etag
2193028555055074692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 16 Aug 2024 15:25:11 GMT
tr5
cdn.taboola.com/libtrc/ 		3 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=trecs-networks-panel_var
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by
cache-bfi-krnt7300100-BFI
date
Fri, 18 Aug 2023 05:03:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692335035.498894,VS0,VE0
x-cache
HIT
content-type
text/html
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
load.js
pm-widget.taboola.com/advance-network/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/advance-network/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a7d32c035ab85e9ac6bb5771e94299170e2e48288c27238266fa7605abef34c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
dJFxC_l2L7XHvPORTIvLSTBk52C3TEj3
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 18 Aug 2023 05:03:56 GMT
x-amz-request-id
S0850JRR2405RGA8
age
3086
x-cache
HIT, HIT
content-length
1225
x-amz-id-2
i2/1AQbR2ZyCRCuTQkPL38goFpIla5M5rzXIX+cSwvhJYcHsxvajd48yHofFSx/Id4pr68FEZYg=
x-served-by
cache-sjc10082-SJC, cache-bfi-krnt7300100-BFI
last-modified
Wed, 26 Apr 2023 10:26:00 GMT
server
AmazonS3
x-timer
S1692335037.609585,VS0,VE0
etag
"db5841b9f458e09b7da99dd1445de48b"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
134922, 50
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
248716
expires
60
impl.20230808-32-RELEASE.js
cdn.taboola.com/libtrc/ 		799 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230808-32-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
38759ef6c32f7fc3c68248fea58e28b5a668a734717b0a7d18f96a0a1c5edb9a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
2Odri6wDTcc5Cqk8y7Vo3CkLQ7O2tCb9
content-encoding
br
via
1.1 varnish
date
Fri, 18 Aug 2023 05:03:55 GMT
x-amz-request-id
1ZWS7PSZGWJ4TATP
age
1450
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
169195
x-amz-id-2
OJhFfVja474Jo5fZaaohrNpADbKiWTD6jHAIcwhOX858wBxpu6PUzitN967/WwFt1jJxELBR9ps=
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Tue, 08 Aug 2023 13:57:58 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692335036.512442,VS0,VE0
etag
"0177d3459beacf758e209957a267c1b8"
vary
Accept-Encoding
content-type
application/javascript
abp
60
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202307.1.0/ 		405 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.170.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71d07479f4b2b809e5769a352f4f55b84690289026ace7ed5395230002551a11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 05:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
orDm7smwsr/pjTi/DOTSGQ==
age
28635
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
99815
x-ms-lease-status
unlocked
last-modified
Wed, 02 Aug 2023 03:24:04 GMT
server
cloudflare
etag
0x8DB9307EC3B2CDE
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a7ed9111-701e-0095-7b03-c5b9d5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f879cf42b78a89e-SYD
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.76.223.160 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-76-223-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:57 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 18 Aug 2023 05:18:57 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-98.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:35:12 GMT
content-encoding
gzip
via
1.1 5e9560902c947c0c0082c46d3ef672b8.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:15 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
62924
x-amz-server-side-encryption
AES256
etag
W/"560498a44e7d42477433425cdafd6a16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
i9YnmfQ-9tVNLNKg2n9JDJ_GLytQ-wDXBNq8kX9sFIbmMPAi-hEj4w==
ima.js
cdn-ima.33across.com/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e102f8fcda630190f1eaccad78339089dbdc4de850ac6bca7bd057db23d36e94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 18:38:36 GMT
server
cloudflare
age
44962
etag
W/"64cd45ac-60bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f879cfdc864a974-SYD
expires
Mon, 21 Aug 2023 05:03:57 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		111 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
x-amz-request-id
F3473X1PRSNSDYA3
age
2947
etag
W/"850654f90e2ec1863b605c4395898e58"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f879cffa9d2a959-SYD
x-amz-id-2
rVJ7RyNaON0k4W13ZEBTVwC2qrFDQE2hATNgP4Mf9iJOQidPpsYMl1SlcxGR4QNyw2rCcYG7/fw=
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame B952 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=965
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/965/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-98.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6af62ed047986e026099c3a3ba5135a44e07b3f4f5b84fc4a1ba62ee8b3daed

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
62924
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Thu, 17 Aug 2023 11:35:12 GMT
etag
W/"ab50484458d62eef36ef1969b84da1b5"
last-modified
Tue, 25 Apr 2023 19:53:12 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 5e9560902c947c0c0082c46d3ef672b8.cloudfront.net (CloudFront)
x-amz-cf-id
cbhgFdSC5U8ir9_y5DNMTCgfhnelYervnV5Ev7h3vu8V69UTq0l9cw==
x-amz-cf-pop
SIN52-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		17 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json1072
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.88.250.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-250-216.compute-1.amazonaws.com
Software
- /
Resource Hash
6b87f5f5372a30b741f7f44fff4b0f7743fc948ba7ac1ff8c79dd7f766f18a91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
37
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
10071-pbjs-floors.json
ads.rubiconproject.com/floors/ 		32 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.76.212.194 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-76-212-194.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
995bdec44ae607147a98afd2ac56e83666b266d7db6fffe9c11a18473c9fc9c1

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:03:56 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 04:40:45 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3407
style
accounts.google.com/gsi/ 		533 B
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f84.1e100.net
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7blEHZlliZv7AKJGa0YNfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7blEHZlliZv7AKJGa0YNfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 18 Aug 2023 05:03:55 GMT
status
accounts.google.com/gsi/ 		40 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=270265407129-joelins8ivkr7a8n4rsuan51lbqoatee.apps.googleusercontent.com&as=5JUov6UOCT9lNqDvTStP8A
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f84.1e100.net
Software
ESF /
Resource Hash
ef2d55e75b04456881144fc6cbad4d12a2c7e2f0e80b06124cc3a6abfd3b6bcb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-GXNMlbLY5cqgllXYX-m-HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-GXNMlbLY5cqgllXYX-m-HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
geo.privacymanager.io/ 		31 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-129.sin5.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 23:17:40 GMT
via
1.1 a4e03b25c402f8e111eba098232bf16e.cloudfront.net (CloudFront), 1.1 b69cdfc59bad6747d764482ac620f776.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1, SIN5-C1
age
20776
x-amzn-requestid
6ebb838d-227b-43cb-85bf-a6fda9db1602
x-amzn-trace-id
Root=1-64deaa94-2a3467596ca5708d1dd9280d;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
J0-XQEvZjoEFQ8A=
content-length
31
x-amz-cf-id
x6GaeCh3z3kdDQL5t-gcLG6QbqFI4ecDyaW-lwLexQoxK71p7sl7Qg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
en.json
cdn.cookielaw.org/consent/e2930f61-9d70-4270-994d-cc7ff49ba4d2/57213931-6615-4f7a-8be2-3cb808916014/ 		307 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/e2930f61-9d70-4270-994d-cc7ff49ba4d2/57213931-6615-4f7a-8be2-3cb808916014/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.170.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e233e12cbd403cd9d72fc958ead1c350d343605eaec4d350df6f6faac7d66432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 05:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
15380
content-md5
jEPDu830yYsYCfIqjriJvw==
content-length
43401
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 17:57:36 GMT
server
cloudflare
etag
0x8DB9838F3015029
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4a38288b-301e-000b-5d21-cac2e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f879cf5b8e7a86a-SYD
expires
Sat, 19 Aug 2023 05:03:55 GMT
fpc
at.teads.tv/ 		56 B
243 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_11014&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=471b531&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.137.72 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-137-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36af4d6b8a43be75eed0817eb25ec5058491035a2f4f5d75099a42bd78f781c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:55 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
56
expires
Fri, 18 Aug 2023 05:03:55 GMT
robots.txt
t.skimresources.com/api/v2/ Frame BAA3 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4417484203577249
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:56 GMT
via
1.1 google
cache-control
private, no-store
server
Python/3.10 aiohttp/3.8.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=8.720590686889746
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Fri, 18 Aug 2023 05:03:57 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=8.720590686889746
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Fri, 18 Aug 2023 05:03:57 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
/
r.skimresources.com/api/ 		150 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/126006X1587347.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
f6e49c08a216275180a3a9599b0a2dad341ce94fc6a7209a134bca201f3922a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 18 Aug 2023 05:03:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.oregonlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixels
bcp.crwdcntrl.net/ Frame E0B6 		914 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=136%2C86%2C61%2C14%2C12%2C125&c=965&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=965
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.67.35 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-67-35.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0043eab00893c94eda0188c1771212fa934b755f7d7e4a325d2085426084979b

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-length
914
content-type
text/html
date
Fri, 18 Aug 2023 05:03:55 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.42.23.65
otGPP.js
cdn.cookielaw.org/scripttemplates/202307.1.0/ 		57 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202307.1.0/otGPP.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.170.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9f7230a2e07d0f3bcae9b22155a91cb0323bb0dc646d8b6b52a147aead1956c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 05:03:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
aTAVNql72eT0tFw+mRMlfA==
age
56356
x-ms-lease-status
unlocked
last-modified
Wed, 02 Aug 2023 03:24:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2fa9c148-601e-00ec-11fb-c4d09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f879cf68ddea89e-SYD
tinypass.min.js
cdn.tinypass.com/api/ 		353 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=aUOJ4c05bh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.182.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4dbc2eae03ca4226fc3d257599eefc3b4867a581725ae4e1d7845a11f784786
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:57 GMT
x-amz-version-id
o7LEoQhg2j80ke.JcbOSxlNPTqD6sKdW
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
BCH48PR5VPVVNC3J
age
7299
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Ij5/9n4UrTkSKve/tzwK/m7t6iiaLS/xoV5TrBlniKxPCO4CaAUx2C3BshGmHl8FpS7U9ivThFQ=
last-modified
Mon, 14 Aug 2023 09:57:02 GMT
server
cloudflare
etag
W/"131add1ff0f42a5786f44982ecb16d46"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7f879cfe4f37551b-SYD
expires
Fri, 18 Aug 2023 09:03:57 GMT
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223178%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
308 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223178%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.oregonlive.com%252Fnews%252F2020%252F01%252Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.96.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-96-216.sin2.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:56 GMT
via
1.1 de07fad430c1bc86fd21b4e969faf29c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
D4eOnrg7KDgO_dgqLhKaOuTOFgs908SAmWvY7NkXbB7Hidh2qsQvUg==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223178%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
307 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223178%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.oregonlive.com%252Fnews%252F2020%252F01%252Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.96.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-96-216.sin2.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:56 GMT
via
1.1 de07fad430c1bc86fd21b4e969faf29c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
y84i0L07mGsYjOPIgE_aeBNSc1hloAkxSlbuM3Ja0iYfQHML_ApBHg==
bid
aax.amazon-adsystem.com/e/dtb/ 		149 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&pid=UJIW8tlyrDw2f&cb=0&ws=1600x1200&v=23.725.1446&t=1500&slots=%5B%7B%22sd%22%3A%22topRail-Below-Flex%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22Advance_OR_ATF_DESKTOP%22%7D%2C%7B%22sd%22%3A%22rightRail-Top-300xFlex%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22Advance_OR_ATF_DESKTOP%22%7D%2C%7B%22sd%22%3A%22rightRail-Bottom-300xFlex%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22Advance_OR_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22lotame%22%3A%22081c00a15d0180ed94e248888e4916d53938e9716699b50234e936fa923fae2a%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.96.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-96-216.sin2.r.cloudfront.net
Software
Server /
Resource Hash
8dbcfe068ad41e21ad7d62745c57ac57c8b7b8caea4ae34ba1ecf9f69baa983e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:56 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.oregonlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
149
x-amz-cf-id
azPYYJ9Ug3amE1Nody6ZBPSfSQFQjN-0Nv7fXVZ9qmeNQkZt6_vTSA==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223178%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
308 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223178%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.oregonlive.com%252Fnews%252F2020%252F01%252Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.96.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-96-216.sin2.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:55 GMT
via
1.1 de07fad430c1bc86fd21b4e969faf29c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
hEKkyavYCOaQ-PyVScE435DKdWLdtXH09o5pFcdLg89ZpzBoXMr7ew==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223178%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223178%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.oregonlive.com%252Fnews%252F2020%252F01%252Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.96.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-96-216.sin2.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:56 GMT
via
1.1 de07fad430c1bc86fd21b4e969faf29c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
lYy-Hx-PvJSzGSomUdmRzE3IcbSCvj801H2dL39wyMWlrz_g5ebi6w==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 17:24:06 GMT
content-encoding
gzip
age
1769991
x-guploader-uploadid
ADPycdsJpfkq5br9sLBg2UrU2kLZa_xJwCtecUlvnv6mejy7q64RSuGCpiYKStdCYi9xQfgXiOM_0louXUe4otB99X3Mbg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 27 Jul 2024 17:24:06 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:57 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
59bc9c888785a4b21638ae2f23bb38b6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.92.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-92-130.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
Date
Fri, 18 Aug 2023 01:38:11 GMT
Via
1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-P2
Age
12347
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
cNTPZ1L8uAHVB1QCKEGxZHDmZCU0oH87NJ4EuZuEekgKqBj0RGKhdg==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-98.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:35:11 GMT
content-encoding
gzip
via
1.1 5e9560902c947c0c0082c46d3ef672b8.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
62926
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
0XLrF9xO8G8ap7c4h7bFsk372Wqp-MsLsRAzNM2-9_eSVw2H2pp5gQ==
ob.js
cdn-ima.33across.com/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 18:38:49 GMT
server
cloudflare
age
44966
etag
W/"64cd45b9-a13f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f879cfeda32a974-SYD
expires
Mon, 21 Aug 2023 05:03:57 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		803 B
806 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=398669120220532&correlator=2020680854370950&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=344101295%2COR%2Cwww.oregonlive.com%2Cnews&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=1&didk=3491045196&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692335035964&lmt=1692306232&adxs=0&adys=174&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&frm=20&vis=1&psz=1600x154&msz=1600x0&fws=0&ohw=0&ga_vid=858605516.1692335035&ga_sid=1692335036&ga_hid=1442454486&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtayduKAxSABSAghkEhsKDDMzYWNyb3NzLmNvbRi1rJ24oDFIAFICCGQSFAoFb3BlbngYtayduKAxSABSAghkEhkKCnVpZGFwaS5jb20YtayduKAxSABSAghkEjQKCnB1YmNpZC5vcmcSJGQyNWJiZGU2LTljZDAtNGQ2MC1iYTZlLWViNjMyOTJlMWRhMFgB&dlt=1692335032993&idt=2902&prev_scp=rg_adslot%3DTopRail_Sponsor%26rg_atf%3Dtrue%26rg_iab%3Dfalse%26rg_counter%3D1%26rg_gpid%3Ddesktop-TopRail_Sponsor%26rg_pagetype%3Dcal%26rg_product%3Diabfalse%26rg_subex%3Dfalse&cust_params=ccaud%3Dc3688%252Cc3035%252Cc0333%252Cc3649%252Cc3699%252Cc3698%252Call%252Cc3695%252C9002%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26tag%3Dhp-top-stories%26entryid%3DCINFM3HB25GGDPLVS5QIEHJCOQ%26author%3Dbamaap%26rg_product%3Dcal%26rg_aux%3D0%26rg_topic%3Dvn%26rg_pagetype%3Dcal%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_cv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop&adks=3784218088
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
beee485eb4cd26ff40efb272d8899ea615a5eaa57f86201a7545c73d75a12eee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
432
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AB8C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 05:03:56 GMT
expires
Sat, 17 Aug 2024 05:03:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.oregonlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.oregonlive.com
access-control-max-age
600
content-length
0
date
Fri, 18 Aug 2023 05:03:56 GMT
server
nginx
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.oregonlive.com
date
Fri, 18 Aug 2023 05:03:56 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
qmap
sync.crwdcntrl.net/ Frame E0B6
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C86%2C61%2C14%2C12%2C125&c=965&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
54.169.66.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-66-86.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:56 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.6.145
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0
date
Fri, 18 Aug 2023 05:03:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
gdpr=0
sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=41a191d8-5ae5-4a33-94c3-903e4621595e/ Frame E0B6
Redirect Chain
  • https://jadserve.postrelease.com/dmp/5?vk=4d9a01da34958f70238a20be8a904041/gdpr=0&ntv_r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D8157%2Ftp%3DNLDN%2Ftpid%3DNTV_USER_ID%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=41a191d8-5ae5-4a33-94c3-903e4621595e/gdpr=0
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=41a191d8-5ae5-4a33-94c3-903e4621595e/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C86%2C61%2C14%2C12%2C125&c=965&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
54.169.66.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-66-86.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:56 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.31.9
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:56 GMT
server
nginx/1.12.2
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=41a191d8-5ae5-4a33-94c3-903e4621595e/gdpr=0
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
utsync.ashx
ml314.com/ Frame E0B6 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=4d9a01da34958f70238a20be8a904041&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C86%2C61%2C14%2C12%2C125&c=965&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:55 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Sat, 19 Aug 2023 01:03:56 GMT
382416.gif
idsync.rlcdn.com/ Frame E0B6 		42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=4d9a01da34958f70238a20be8a904041&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C86%2C61%2C14%2C12%2C125&c=965&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:56 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
5907
tags.bluekai.com/site/ Frame E0B6 		62 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=1863df4136527e0a85257a92f89a776c
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C86%2C61%2C14%2C12%2C125&c=965&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.166.9 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-166-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 18 Aug 2023 05:03:56 GMT
content-length
62
content-type
image/gif
insync
thrtle.com/ Frame E0B6
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=4d9a01da34958f70238a20be8a904041
  • https://thrtle.com/insync?gdpr=0&vxii_pdid=4d9a01da34958f70238a20be8a904041&vxii_pid=12&vxii_pid1=10014&vxii_rcid=8f0cb452-945b-4635-920a-a00e6e5ddaa8
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&vxii_pdid=4d9a01da34958f70238a20be8a904041&vxii_pid=12&vxii_pid1=10014&vxii_rcid=8f0cb452-945b-4635-920a-a00e6e5ddaa8
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C86%2C61%2C14%2C12%2C125&c=965&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.222.18.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-18-142.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Fri, 18 Aug 2023 05:03:57 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&vxii_pdid=4d9a01da34958f70238a20be8a904041&vxii_pid=12&vxii_pid1=10014&vxii_rcid=8f0cb452-945b-4635-920a-a00e6e5ddaa8
date
Fri, 18 Aug 2023 05:03:56 GMT
content-type
text/html; charset=utf-8
content-length
189
p3p
CP="NOI OUR BUS UNI COM NAV"
p.js
cdn.parsely.com/keys/oregonlive.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/oregonlive.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.255.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-255-71.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
2ab287922952332e11c86964b99d9b82bab8f35f3ab95dd32f13be8e06618342

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
public
date
Fri, 18 Aug 2023 02:50:20 GMT
content-encoding
gzip
via
1.1 bf37a08a8e52d3968f35ae1bb4eaae78.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jun 2022 14:34:05 GMT
server
nginx
x-amz-cf-pop
SIN52-C3
age
8601
etag
W/"62bc62dd-df43"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
rdR0IG2qUzz7n6-nD-Lz584EjiDb0M68wvGMkmzw3NXqXZ1hRDFDVg==
expires
Sat, 19 Aug 2023 02:40:36 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202307.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202307.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.170.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 05:03:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ouu54lzG2wJaO/UHcdVWaA==
age
15354
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Wed, 02 Aug 2023 03:23:58 GMT
server
cloudflare
etag
0x8DB9307E8B8F39C
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e6e5f645-201e-005a-7921-ca5f64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f879cf76a58a86a-SYD
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202307.1.0/assets/v2/ 		61 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202307.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.170.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 05:03:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
lrjqvumkzLVMxa35AVJR4w==
age
15354
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12544
x-ms-lease-status
unlocked
last-modified
Wed, 02 Aug 2023 03:24:00 GMT
server
cloudflare
etag
0x8DB9307EA0A6EFC
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cc2371aa-401e-005c-2c21-ca6cdb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f879cf76a59a86a-SYD
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202307.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202307.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.170.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ed6388d56fc9f2044791e0559ab4a283381791e359dc2981449955e702de56d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 05:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
/b68gAlvQhCuyX9fCPcDyg==
age
15354
x-ms-lease-status
unlocked
last-modified
Wed, 02 Aug 2023 03:24:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
0881c1a2-601e-004b-2c21-cac5d0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f879cf76a5ba86a-SYD
json
trc.taboola.com/advance-oregon/trc/3/ 		40 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/advance-oregon/trc/3/json?llvl=2&tim=13%253A03%253A56.046&lti=trecs-networks-panel_var&pubit=n&t=1&data=%7B%22cmps%22%3A2%2C%22id%22%3A%2235524%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1692335036041%2C%22cv%22%3A%2220230808-32-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html%22%2C%22vpi%22%3A%22%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5028%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs-networks-panel_var%22%2C%22nsid%22%3A%22advance-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Right%20Rail%20hybrid%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20hybrid%20Thumbnails%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-rr%3Apub%3Dadvance-network%3Aabp%3D0%22%2C%22cd%22%3A1086.8%2C%22mw%22%3A300%7D%5D%2C%22pev%22%3A%2212625%22%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html%2CRight%20Rail%20hybrid%20Thumbnails%3Dalternating-thumbnails-rr%3Apub%3Dadvance-network%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1691503120783%2C%22wc%22%3Atrue%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95d826b95c5c75cd83c684dc0fc903cb46275baf257d3821a9349939820a4370

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
596
date
Fri, 18 Aug 2023 05:03:56 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
48214
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-bfi-krnt7300100-BFI
x-log-content-encoding
gzip
server
nginx
x-timer
S1692335036.166912,VS0,VE596
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
025e3bee82d067a6dc7c93d3458425c3c64417ddf0937d16001be40ca9c70fdb

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:56 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
406
alt-svc
clear
expires
Fri, 18 Aug 2023 05:03:56 GMT
1494814
display.bidder.taboola.com/OpenRTB/TaboolaHB/auction/ 		0
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488360
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb96947492772b410ca9f76eca5676993ff2106479b70b2b8ab2342035d59cc7

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkfKWiYD336Y6wj5Cv4OhpvhZnXCg2TutC12TTR0wUZCjucZbHIxGDVjUuW5JImTknFax87PpJZnoa945on0w%2Bio7PdZ0kBUfrAfPOnZ8bIreMWR1Fs6AVyB%2BSuYO%2BCqE%2FPVvjTG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f879cf8fdc4a88c-SYD
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oregonlive.com
date
Fri, 18 Aug 2023 05:03:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
exchange.postrelease.com/ 		0
0
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
493 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.170.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 05:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
8801
x-ms-lease-status
unlocked
last-modified
Thu, 17 Aug 2023 03:26:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f27a876c-901e-0060-6514-d1451c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f879cf83b10a86a-SYD
FormLogo.jpg
cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/35656d81-562c-47ba-aff0-16edf448dab7/0d7a52a3-a02e-40a3-9489-b86dacb2590b/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/35656d81-562c-47ba-aff0-16edf448dab7/0d7a52a3-a02e-40a3-9489-b86dacb2590b/FormLogo.jpg
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.170.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 05:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/VgjLzERih8MeSo4vme4Lw==
age
22116
content-length
90639
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Thu, 06 Apr 2023 16:10:22 GMT
server
cloudflare
etag
0x8DB36B96CBA69F0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
b338a7b8-001e-00de-6d24-80884f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f879cf8482fa89e-SYD
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.170.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 05:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
32937
x-ms-lease-status
unlocked
last-modified
Thu, 17 Aug 2023 03:26:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
54cacdb2-101e-000c-3835-d1ae8b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f879cf84830a89e-SYD
j
rp.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1692335036193&se=e30&duid=4ba582fb2221--01h83gen8xktc15tdqmhqd5kny&pu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-b...
  • https://rp.liadm.com/j?dtstmp=1692335036193&se=e30&duid=4ba582fb2221--01h83gen8xktc15tdqmhqd5kny&pu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-b...
47 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp.liadm.com/j?dtstmp=1692335036193&se=e30&duid=4ba582fb2221--01h83gen8xktc15tdqmhqd5kny&pu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&wpn=prebid&n3pc=true
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
54.87.117.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-117-119.compute-1.amazonaws.com
Software
/
Resource Hash
9d502c34537154b36a83ce2118728102928b1fefc504781787c7d7ce4e6e04eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:57 GMT
x-pixel-event-id
9242b996-1dab-4133-9e73-4016bed03949
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
https://www.oregonlive.com
access-control-allow-credentials
true
trace-id
cba3769bd58e738d
content-length
47
x-xss-protection
1; mode=block

Redirect headers

date
Fri, 18 Aug 2023 05:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
/j?dtstmp=1692335036193&se=e30&duid=4ba582fb2221--01h83gen8xktc15tdqmhqd5kny&pu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&wpn=prebid&n3pc=true
access-control-allow-origin
https://www.oregonlive.com
request-time
0
access-control-allow-credentials
true
trace-id
83285b2fb8c01796
content-length
0
x-xss-protection
1; mode=block
page
t.skimresources.com/api/v2/ 		22 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/126006X1587347.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:56 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link
t.skimresources.com/api/v2/ 		22 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/126006X1587347.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:56 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.oregonlive.com
warning
299 - "Deprecated API"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1692335036218&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1692335036218&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-i...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1692335036218&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&c7=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&c8=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%20-%20oregonlive.com&c9=
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
13.227.254.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-75.sin52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:56 GMT
via
1.1 1a02409761988e5f5317a9c2166b3050.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SIN52-C3
x-amz-cf-id
_xLJHoruCjGafQW7KcMYNxHf2UQS8IuqLxRlMquT3pakBxPRiwaJ5A==
x-cache
Miss from cloudfront

Redirect headers

date
Fri, 18 Aug 2023 05:03:56 GMT
via
1.1 1a02409761988e5f5317a9c2166b3050.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1692335036218&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&c7=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&c8=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%20-%20oregonlive.com&c9=
content-length
0
x-amz-cf-id
ucs-IaSiKv51dU-D98RrElF3Z-MZ9S-sn6_n5T5OkGLwZg7yJ4QkRw==
publisher:getClientId
ampcid.google.com/v1/ 		78 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f102.1e100.net
Software
ESF /
Resource Hash
19c592819d340656421a0ca296e9564cbfbcb69228f56cef708c529fc16217ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.oregonlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
iframe.html
z.moatads.com/hd09824092/ Frame 1D20 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=385
content-length
1374
content-type
text/html
date
Fri, 18 Aug 2023 05:03:56 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
AW92nGU6bF0LbUIOluXNmPiqEKdvnJGAcXAfhAa2ALKEkNzp4ezBIlxRVobpNBqmmR8vH3vBHuo=
x-amz-request-id
6R6K0Z9K0SEV9T5J
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
sffe /
Resource Hash
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 04:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6456
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 21:11:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 05:17:51 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:02:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 05:52:13 GMT
article
news.google.com/swg/_/api/v1/publication/oregonlive.com/ 		347 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/oregonlive.com/article
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
ESF /
Resource Hash
9a36f13f90ae793f02dc53361f1ed74d0f650daf39db37077bcb5eadd9d1871a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsct
t.co/1/i/ 		43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b87c1082-0982-402d-9aa8-bcf08724e1c7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4542796f-98f3-446e-b3fa-9147b01ccb88&tw_document_href=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&tw_iframe_status=0&txn_id=o68v5&type=javascript&version=2.3.29
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-response-time
147
date
Fri, 18 Aug 2023 05:03:57 GMT
strict-transport-security
max-age=0
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
9c585d3fe7e53d9e
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
831df69042e9e4f8dacf65041d8ff33ede22067d0ff79b2e2c9b36efa962e774
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b87c1082-0982-402d-9aa8-bcf08724e1c7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4542796f-98f3-446e-b3fa-9147b01ccb88&tw_document_href=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&tw_iframe_status=0&txn_id=o68v5&type=javascript&version=2.3.29
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-response-time
146
date
Fri, 18 Aug 2023 05:03:57 GMT
strict-transport-security
max-age=631138519
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
8e100ac9f872648e
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
131bc86daf68f82f7fbfcaba70890bfc7f918d7acf73f4056796309467827dec
content-length
43
serviceiframe
news.google.com/swg/ui/v1/ Frame 22F7 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1692335036643&sut=AVu%2FYL0ZZ0LuldqTCx77NVZRadtHUbYP3%2FR4%2FmAzPypkk5N16VIC9C04zrlGB1eOtVhDBFM9NXrq6cX07wNsbMmR62YTK59Mjhaga2cbD0wNEuQG&publicationId=oregonlive.com
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
ESF /
Resource Hash
220f8e3e669171faa9238f7c50ade4aac8ab931226f2d5b9a8290dc4f4572b42
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-YlXlAq-gZ1XYBwe4RuNc-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-YlXlAq-gZ1XYBwe4RuNc-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Fri, 18 Aug 2023 05:03:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1692335036687&id=t2_19cd341q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=e055f00a-46e6-40b3-903c-dabcdff0f676&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
rp.gif
alb.reddit.com/ 		42 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1692335036688&id=t2_19cd341q&event=ViewContent&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=e055f00a-46e6-40b3-903c-dabcdff0f676&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
iu3
s.amazon-adsystem.com/ Frame 3086
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
278 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6dac963ce4b6ea77a29e061f58a5e72b6e16d651dba939be7c3db8761d1fc588
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
278
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 18 Aug 2023 05:03:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
9XZ92B59QM7XFSTXG9PK

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Aug 2023 05:03:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NJ1X367VNSTJQ1DFZ0F7
pmk-20220605.4.js
pm-widget.taboola.com/advance-network/ 		115 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/advance-network/pmk-20220605.4.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/advance-network/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1b8adc02a4d09389f6e34a2bffe3d025063a96cacde18c17e5367053276ff53

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
ialWVQzAyQnqw7Gjdv4kHObVANgE2GOq
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 18 Aug 2023 05:03:57 GMT
x-amz-request-id
QJ9H48CATQBHZ8KA
age
9830275
x-cache
HIT, HIT
content-length
31823
x-amz-id-2
EEDokoS88YhjvmKD+rQoB3fy1I1detLi93JGJXtbVSCmQYv64+rPMQ4m4jItMYDxAbeJYHHKCiA=
x-served-by
cache-bur-kbur8200098-BUR, cache-bfi-krnt7300100-BFI
last-modified
Wed, 26 Apr 2023 10:25:59 GMT
server
AmazonS3
x-timer
S1692335038.662121,VS0,VE0
etag
"b2b8c8c940ad9c71d846912ab7ffac39"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
26, 13670
77.js
cdn.keywee.co/config/ 		206 B
538 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/config/77.js
Requested by
Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-52.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f552d1e06b3c5750ec6d77833864d18c63a360b482b5bb2b15712d37de2f9d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
via
1.1 0b3572829f6f42309f3adfa694398770.cloudfront.net (CloudFront)
last-modified
Thu, 15 Nov 2018 09:08:29 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
etag
"307695c8eeb7478ce677eeb50a6d547b"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=86400
content-length
206
x-amz-cf-id
4SEtJipIVtAMA5ipiDLgtZUCKtNcNpoDFrvVh4Xq2DmqoI_zikUkFQ==
simple
api.sail-personalize.com/v1/personalize/ 		288 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
a5878621832cf32209ecdacfda8d63767e4badffacc1903afc06f76a4d1141c5

Request headers

x-lib-version
v1.0.1
accept-language
en-AU,en;q=0.9
authorization
Bearer 472cc4c5b3684e572ca8b302c3cebb7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
x-referring-url
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:57 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
193
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.oregonlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.oregonlive.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Fri, 18 Aug 2023 05:03:57 GMT
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 22F7 		0
205 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-Pr5n8793uhnJENi7Z_bRhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=1692335036643&sut=AVu%2FYL0ZZ0LuldqTCx77NVZRadtHUbYP3%2FR4%2FmAzPypkk5N16VIC9C04zrlGB1eOtVhDBFM9NXrq6cX07wNsbMmR62YTK59Mjhaga2cbD0wNEuQG&publicationId=oregonlive.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 18 Aug 2023 05:03:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-Pr5n8793uhnJENi7Z_bRhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=serviceiframeview,_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1zt8lTO7tLE.L.B1.O/am=AMBs/d=1/ed=1/rs=ABXTjI5lA1pG8SJfrqCkNfZ49fvsjp-nmQ/ Frame 22F7 		745 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1zt8lTO7tLE.L.B1.O/am=AMBs/d=1/ed=1/rs=ABXTjI5lA1pG8SJfrqCkNfZ49fvsjp-nmQ/m=serviceiframeview,_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1692335036643&sut=AVu%2FYL0ZZ0LuldqTCx77NVZRadtHUbYP3%2FR4%2FmAzPypkk5N16VIC9C04zrlGB1eOtVhDBFM9NXrq6cX07wNsbMmR62YTK59Mjhaga2cbD0wNEuQG&publicationId=oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 09:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Sat, 12 Aug 2023 00:56:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/css; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 09:01:24 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs... Frame 22F7 		199 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1692335036643&sut=AVu%2FYL0ZZ0LuldqTCx77NVZRadtHUbYP3%2FR4%2FmAzPypkk5N16VIC9C04zrlGB1eOtVhDBFM9NXrq6cX07wNsbMmR62YTK59Mjhaga2cbD0wNEuQG&publicationId=oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
456929f1221605ea8ed04cd419a22b4aa55a2bfae080cdd05c7153edbf30dbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 23:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71489
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 02:53:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 23:48:53 GMT
token
cdn.linkedin.oribi.io/partner/3252378/domain/oregonlive.com/ 		36 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3252378/domain/oregonlive.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-44.sin5.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 04:15:25 GMT
content-encoding
gzip
via
1.1 ae495479ab117e6473f411eb6dd0ba98.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
age
2912
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
0Bm-OB2ftP_R5c-d_eOybnALg0WaH9HtNZ78Pa0aQozw-86YO_DLuw==
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1692335036900&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1692335036900&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1692335036900%26url%3Dhttps%253A%252F%252Fwww.oregonlive.com%252...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1692335036900&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html...
0
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1692335036900&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&tm=gtmv2&cookiesTest=true&liSync=true
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 5EA16B0786184FEEB747D2D3339AA74A Ref B: SYD03EDGE1715 Ref C: 2023-08-18T05:03:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDK3Ta+b9aWhinIuCdPw==

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 05:03:58 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAYDK3TV84SEL2rXO1O+0w==
pragma
no-cache
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 7AABFB42F3AA404692E854C3E83AB602 Ref B: SYD03EDGE1715 Ref C: 2023-08-18T05:03:58Z
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1692335036900&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&tm=gtmv2&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
120978121945017
connect.facebook.net/signals/config/ 		384 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/120978121945017?v=2.9.124&r=stable&domain=www.oregonlive.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
d38e29f69d23c1d50902b89f59c7b777384181f832b1540af2b6482dd79506d7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 18 Aug 2023 05:03:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
111955
x-xss-protection
0
pragma
public
x-fb-debug
mZhujBxw/tD6q+z54aaySdaOhiOA+zAHFl4FgXjzYrGc5QNLJP4O/7kdx6LmOzjSLDGNBOyUD66Q2kJH5Fg6BA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Origin
https://www.oregonlive.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 05:03:57 GMT
x-amz-request-id
H94BPDMT0GC40804
age
3109
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
MUayK/kuyynFztKIGTuxhlHWZcxelxmcGdfEGZnx1v3nNcWKE0jL+mrXZTfxBMXECRfXHrRogR0=
x-served-by
cache-bfi-kbfi7400050-BFI
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1692335038.536860,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
21
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
2302
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Origin
https://www.oregonlive.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 05:03:57 GMT
x-amz-request-id
9D124TQA9YV10VW5
age
10938
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
A357VfmFYTZRqXvVgPawFG252NqG8ripyWoHC+xfKR81j3ruYV3AssfLpXFOwBssqqA61G+5Y8g=
x-served-by
cache-bfi-kbfi7400050-BFI
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1692335038.536901,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
54
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
5530
eidf.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eidf.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Origin
https://www.oregonlive.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 05:03:57 GMT
x-amz-request-id
7QVHJVW7E6E0DCW1
age
25849
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6467
x-amz-id-2
p2frpG9oV4AoGr+oJkJV7aA3JRbCHyW0rMFyQoQYoKr8yZS+c8RvIjMb8grQkblAu7cV2flIVms=
x-served-by
cache-bfi-kbfi7400050-BFI
last-modified
Sun, 02 Apr 2023 13:49:08 GMT
server
AmazonS3
x-timer
S1692335038.536823,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
19
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
22445
UnitInlineDesktop.min.js
vidstat.taboola.com/lite-unit/4.2.1/ 		123 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.2.1/UnitInlineDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230808-32-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19321dec5dedc43260a72c8d0e06619c6ae9b0ddea7620d355f6f37663da3ed8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:57 GMT
via
1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
SEA73-P1
age
162739
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
35038
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Wed, 16 Aug 2023 07:50:00 GMT
server
AmazonS3
x-timer
S1692335038.836734,VS0,VE0
etag
"cf72a3071679b39dce73fe89ff313787"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
E_IWDTjk5R-ptNP-kLoRFpwK9oNqn0E16eHZRLPGEBM0AZLfVqqRgw==
x-cache-hits
1301
userx.20230808-32-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230808-32-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd2009edb077da99506f61f25109dfd7bfc6eb763059554fdbd90a8f37185a67

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
rUCn00ZgszLYARbHnLK2E62zg18l_lVC
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 05:03:57 GMT
x-amz-request-id
HET8NKX9W0V0XHRF
age
829317
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5399
x-amz-id-2
V58hkeItjFY5oQeeef9uKMKuXVcyKKazlIndiq0ixwwxUCys+ZR58WMlhTDPxuBKwFDKmn176cA=
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Tue, 08 Aug 2023 13:58:31 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692335037.104287,VS0,VE0
etag
"1a5486e7905fce646b29b62913c349a8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
7
distance-from-article.20230808-32-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230808-32-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7affa24bb93ebbf4c5ede18554378aac1d3483793bf4820887e8b67a8564cac6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
jzPxDTMhjNuaoUwwIz2ObDyZrg5q6Jr4
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 05:03:57 GMT
x-amz-request-id
K8WWVMQGS00H1BQQ
age
829862
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1133
x-amz-id-2
8biris1cNeA0V45uTYFWBYjSkFSM2KS+9Je0cBVkCXWo8QlyCAMwjH/h954bEZ3YZh0fSc+aQyM=
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Tue, 08 Aug 2023 13:58:00 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692335037.112508,VS0,VE0
etag
"6c4b6f398b95af11efddef54e37e0034"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
19
article-detection.20230808-32-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230808-32-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9398edfa28dac0c90cea66920419165ae96516c589301ef44a09bcf955daf10f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
tAsdCaZyYPd7XdaSv229zfd_PueL9aPg
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 05:03:57 GMT
x-amz-request-id
K8WQ2KTSQ5CRZSZK
age
829862
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1271
x-amz-id-2
m3xgPj4Pcnd+sTQ+FE0k58k+ADnYtWweSXUvYh+ufyKU2ff5S2A+UC3SM0Vnd+uriezs1l0SJWw=
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Tue, 08 Aug 2023 13:57:53 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692335037.112866,VS0,VE0
etag
"51df83761064155dd4a418842bd363e5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
22
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
20
abtests
ch-trc-events.taboola.com/advance-oregon/log/3/ 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/advance-oregon/log/3/abtests?route=US:CH:V&tvi2=10685&lti=trecs-networks-panel_var&ri=786dc7c1a0f37004572a37dac107bd6d&sd=v2_e780921c3729fbeefa438098fd7f1e99_03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c_1692335036_1692335036_CNawjgYQrf0-GImtnbigMSABKAEw4QE4kaQOQNWmD0jX7NwDUKsEWABgAGjxg5HW9JH9uAVwAQ&ui=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&pi=/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html&wi=-2494229410174109427&pt=text&vi=1692335036041&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1692335036975%7D&tim=13%3A03%3A56.975&id=1910&llvl=2&cv=20230808-32-RELEASE&
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 05:03:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
ch-trc-events.taboola.com/advance-oregon/log/3/ 		0
380 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/advance-oregon/log/3/metrics?route=US%3ACH%3AV&lti=trecs-networks-panel_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.oregonlive.com
pragma
no-cache
date
Fri, 18 Aug 2023 05:04:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/advance-oregon/log/3/ 		0
380 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/advance-oregon/log/3/abtests?route=US%3ACH%3AV&lti=trecs-networks-panel_var&tvi2=10685&ri=786dc7c1a0f37004572a37dac107bd6d&sd=v2_e780921c3729fbeefa438098fd7f1e99_03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c_1692335036_1692335036_CNawjgYQrf0-GImtnbigMSABKAEw4QE4kaQOQNWmD0jX7NwDUKsEWABgAGjxg5HW9JH9uAVwAQ&ui=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&pi=%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&wi=-2494229410174109427&pt=text&vi=1692335036041&tim=13%3A03%3A56.957&id=2011&llvl=2&cv=20230808-32-RELEASE&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22brsd%22%2C%22type%22%3A%7B%22esv%22%3A%22ES2021%22%2C%22c%22%3Atrue%2C%22ss%22%3Atrue%2C%22ls%22%3Atrue%7D%2C%22eventTime%22%3A1692335036957%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.oregonlive.com
pragma
no-cache
date
Fri, 18 Aug 2023 05:04:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
ch-trc-events.taboola.com/advance-oregon/log/2/ 		0
131 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/advance-oregon/log/2/debug?type=warn&msg=TRC.mark%20-%20trying%20to%20stop%20measurement%20that%20was%20not%20started%20videoAjaxStop&lt=trecs-networks-panel_var&tvi2=10685&tim=13%3A03%3A56.986&id=36754&cv=20230808-32-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.oregonlive.com
date
Fri, 18 Aug 2023 05:04:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
284806
debug
ch-trc-events.taboola.com/advance-oregon/log/2/ 		0
131 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/advance-oregon/log/2/debug?type=warn&msg=TRC.mark%20-%20trying%20to%20stop%20measurement%20that%20was%20not%20started%20videoJsonpRequestStop&lt=trecs-networks-panel_var&tvi2=10685&tim=13%3A03%3A56.986&id=47801&cv=20230808-32-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.oregonlive.com
date
Fri, 18 Aug 2023 05:04:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
284806
fb88455926ebb9711e1e5173c8f14b24.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fb88455926ebb9711e1e5173c8f14b24.jpg
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1cedd7a6a65f327bfa7dfa176c5d4c63a9f27605ea5de2985fde5cd5a6e5d5c8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Fri, 18 Aug 2023 05:03:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fb88455926ebb9711e1e5173c8f14b24.jpg
age
2400805
edge-cache-tag
520401869545694989262056257562455468968,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
cache-tag
520401869545694989262056257562455468968,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
82
expiration
expiry-date="Mon, 31 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.oregonlive.com/news/2023/08/more-cougar-sightings-reported-on-oregon-coast-near-cannon-beach.html?e=a1e9f654304320c1a4994eb3023e1cf2&utm_source=Sailthru&utm_medium=email&utm_campaign=More%20cougar%20sightings%20reported%20on%20Oregon%20Coast%20near%20Cannon%20Beach&utm_term=Newsletter_breaking_news
content-length
3176
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000027-IAD, cache-iad-kiad7000026-IAD, cache-lga21951-LGA, cache-iad-kiad7000044-IAD, cache-bfi-krnt7300100-BFI
last-modified
Fri, 30 Jun 2023 15:19:39 GMT
server
nginx
x-timer
S1692335038.931112,VS0,VE6
etag
"c883c477c80c3c13a5f31cf0e78df402"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 4036, 1
5U2T2ROBTVDBXJBBQMMKUIEJKY.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.oregonlive.com/resizer/Gu_mJNTt9eS0HpkHXVabSOEo7bY%3D/1280x0/smart/cloudfront... 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.oregonlive.com/resizer/Gu_mJNTt9eS0HpkHXVabSOEo7bY%3D/1280x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/5U2T2ROBTVDBXJBBQMMKUIEJKY.jpg
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f2c0130a89d182d2b3f58e2a78f58b5af092f542dd884b3db3539ceba7f6c5b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 05:03:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.oregonlive.com/resizer/Gu_mJNTt9eS0HpkHXVabSOEo7bY%3D/1280x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/5U2T2ROBTVDBXJBBQMMKUIEJKY.jpg
age
183954
edge-cache-tag
475295391936333617624293921256212014019,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
cache-tag
475295391936333617624293921256212014019,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
461
req-referer
https://www.oregonlive.com/beavers/2015/09/looking_back_at_tim_alexanders.html
content-length
4638
x-request-id
9627fcb73f6983bbef7ca5d6e85201b2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200137-IAD, cache-iad-kjyo7100035-IAD, cache-lga21978-LGA, cache-iad-kcgs7200045-IAD, cache-bfi-krnt7300100-BFI
last-modified
Wed, 16 Aug 2023 01:49:34 GMT
server
nginx
x-timer
S1692335038.023881,VS0,VE1
etag
"b51ed7658eb9d21391958a5c3f92a3fc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 8, 1
2433debc5b196a874a33779bb6a975f4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2433debc5b196a874a33779bb6a975f4.jpg
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6cc55bf38b57597421b687481531ca4ce960a990f0f2e238635917b0b6420ec1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 18 Aug 2023 05:03:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2433debc5b196a874a33779bb6a975f4.jpg
age
1005507
edge-cache-tag
492665799416077181863574011224497977727,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
cache-tag
492665799416077181863574011224497977727,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
150
req-referer
https://www.3dpchip.com/
content-length
4070
x-request-id
c21775e41c8c75a90dbac9debe602757
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100164-IAD, cache-iad-kjyo7100101-IAD, cache-sna10720-LGB, cache-iad-kiad7000150-IAD, cache-bfi-krnt7300100-BFI
last-modified
Mon, 31 Jul 2023 15:44:11 GMT
server
nginx
x-timer
S1692335038.192492,VS0,VE2
etag
"e94eaa2e7167cd7022f0a322ce432bfb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 52, 1
UPAQBJFQNNCA3PP5EPWDFQUESM.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.oregonlive.com/resizer/mXlO590sfzh9h1eXpnxZXvOv_k0%3D/1280x0/smart/cloudfront... 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.oregonlive.com/resizer/mXlO590sfzh9h1eXpnxZXvOv_k0%3D/1280x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/UPAQBJFQNNCA3PP5EPWDFQUESM.jpg
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef6386f36977a990405917efa18f589568421f4164e020942c79e3346f374b43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 05:03:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.oregonlive.com/resizer/mXlO590sfzh9h1eXpnxZXvOv_k0%3D/1280x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/UPAQBJFQNNCA3PP5EPWDFQUESM.jpg
age
186981
edge-cache-tag
326213641860146267441410045115592167137,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
cache-tag
326213641860146267441410045115592167137,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
597
req-referer
https://www.oregonlive.com/advice/2023/08/ask-amy-high-school-grad-feels-ghosted-by-friends-european-trip-but-its-not-moms-problem-to-fix.html
content-length
3716
x-request-id
23b7407742ee761b20582767b100d55f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200056-IAD, cache-iad-kiad7000077-IAD, cache-sna10738-LGB, cache-iad-kiad7000065-IAD, cache-bfi-krnt7300100-BFI
last-modified
Wed, 16 Aug 2023 00:58:00 GMT
server
nginx
x-timer
S1692335038.272612,VS0,VE1
etag
"c532545463ad699595606cd6fdff8450"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 224, 1
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame EFD4
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZN77vsCo8YkAAOVljagAAAAA
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZN77vsCo8YkAAOVljagAAAAA
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184266

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 18 Aug 2023 05:03:58 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.161","key":"ZN77vsCo8YkAAOVljagAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad403"}
X-SO-Key
ZN77vsCo8YkAAOVljagAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad403
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZN77vsCo8YkAAOVljagAAAAA
Cache-Control
private
X-SO-HostName
m-ad403.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
X-SO-IP
66.203.112.161
su
ih.adscale.de/ Frame EFD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.65.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-65-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
sync
ssbsync.smartadserver.com/api/ Frame EFD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame EFD4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLG4L5CG-H-2N2O
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLG4L5CG-H-2N2O
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184266

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLG4L5CG-H-2N2O
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame EFD4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-wbRxwo5E2oSmVpnDy.5zNSRAUHa5vBfx.mZh.g--~A
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-wbRxwo5E2oSmVpnDy.5zNSRAUHa5vBfx.mZh.g--~A
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184266

Redirect headers

date
Fri, 18 Aug 2023 05:03:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-wbRxwo5E2oSmVpnDy.5zNSRAUHa5vBfx.mZh.g--~A
content-length
0
/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame EFD4
Redirect Chain
  • https://trace.mediago.io/ju/cs/taboola
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=eeb3dec9450921e4872c6d86c6f2fe95
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=eeb3dec9450921e4872c6d86c6f2fe95
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184301

Redirect headers

location
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=eeb3dec9450921e4872c6d86c6f2fe95
date
Fri, 18 Aug 2023 05:03:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
content-type
text/plain; charset=utf-8
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame EFD4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELd8cbQVOVxiSbHRMKBUEME&google_cver=1
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELd8cbQVOVxiSbHRMKBUEME&google_cver=1
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
49
date
Fri, 18 Aug 2023 05:03:58 GMT
via
1.1 varnish
x-served-by
cache-bfi-krnt7300100-BFI
server
nginx
x-timer
S1692335039.642051,VS0,VE49
x-fastly-to-nlb-rtt
48129
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELd8cbQVOVxiSbHRMKBUEME&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EFD4 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c:$UID
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:03:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame EFD4
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H3
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c
date
Fri, 18 Aug 2023 05:03:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184266
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame EFD4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=03fe9b01-43dc-4fda-ad2d-91fffd659144
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=03fe9b01-43dc-4fda-ad2d-91fffd659144
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
51
date
Fri, 18 Aug 2023 05:03:59 GMT
via
1.1 varnish
x-served-by
cache-bfi-krnt7300100-BFI
server
nginx
x-timer
S1692335039.152630,VS0,VE51
x-fastly-to-nlb-rtt
47796
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=03fe9b01-43dc-4fda-ad2d-91fffd659144
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame EFD4
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:03:59 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:03:59 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame EFD4 		49 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-AU
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-84886b676f-5mnc9
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame EFD4 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&gdpr=0&gdpr_consent=
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.165 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 18 Aug 2023 05:03:58 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame EFD4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=00ba0101-218e-463a-b0f2-54fd1550533a
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=00ba0101-218e-463a-b0f2-54fd1550533a
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184508

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:58 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=00ba0101-218e-463a-b0f2-54fd1550533a
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1490768
content-length
0
expires
Fri, 18 Aug 2023 00:00:00 GMT
8.gif
id5-sync.com/c/464/10/0/ Frame EFD4
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/6/2.gif?puid=7863576873242556398&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipapac.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipapac.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/5/3.gif?puid=934F23FD2378EBFB&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/10/4/4.gif?puid=1908309046779791046&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ac515wr6dudasH1VE53MPiPSY9HObRpr63_ilCgPMg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F3%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/3/5.gif?puid=37a564de-fbc3-4a00-9e7e-2bfe50407375&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=8b999cfa-351b-4b8b-9198-9c822931a478&ttl=%%TTL%%
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/464/108/1/7.gif?puid=3642a27d-858e-4c26-b54a-6e8c703ac9d3&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F0%2F8.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/10/0/8.gif?puid=1908309046779791046&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/10/0/8.gif?puid=1908309046779791046&gdpr=0&gdpr_consent=
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 18 Aug 2023 05:04:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://id5-sync.com/c/464/10/0/8.gif?puid=1908309046779791046&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame EFD4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtabo...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=542863e733184c42bdcf045574989afa&ssp=taboola&bsw_param=9c6d1569-389b-4141-9965-a0c573d5deff&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
191596

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Fri, 18 Aug 2023 05:04:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame EFD4
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b891cd1a-f4d0-4056-8fe1-6a338fe37346
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b891cd1a-f4d0-4056-8fe1-6a338fe37346&tbid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&query=taboola_hm%3Db891cd1a-f4d0-...
0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b891cd1a-f4d0-4056-8fe1-6a338fe37346&tbid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&query=taboola_hm%3Db891cd1a-f4d0-4056-8fe1-6a338fe37346&isDirect=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 18 Aug 2023 05:04:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1692335041.447011,VS0,VE42
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-bfi-krnt7300100-BFI

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b891cd1a-f4d0-4056-8fe1-6a338fe37346&tbid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&query=taboola_hm%3Db891cd1a-f4d0-4056-8fe1-6a338fe37346&isDirect=0
date
Fri, 18 Aug 2023 05:04:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184591
sd
u.openx.net/w/1.0/ Frame EFD4 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&gdpr=0&gdpr_consent=
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame EFD4
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 05:03:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Fri, 18 Aug 2023 05:03:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame EFD4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=T5JGdZOhWWx9qO_rLbwWkELLcKE
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=T5JGdZOhWWx9qO_rLbwWkELLcKE
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184595

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=T5JGdZOhWWx9qO_rLbwWkELLcKE
Date
Fri, 18 Aug 2023 05:04:00 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
sync
t.adx.opera.com/ Frame EFD4 		35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:00 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame EFD4
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=82b92d3a-18f1-4b13-a1fb-769fac7dc1ab
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=82b92d3a-18f1-4b13-a1fb-769fac7dc1ab
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184508

Redirect headers

date
Fri, 18 Aug 2023 05:03:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=82b92d3a-18f1-4b13-a1fb-769fac7dc1ab
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
sync.taboola.com/sg/centrortb-network/1/rtb-h/ Frame EFD4
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&0&&us_privacy=&redir=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=121&0&&us_privacy=&redir=
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=e4314d07-0d11-48d6-99a3-aa5b810dead3-64defbc0-5553
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=e4314d07-0d11-48d6-99a3-aa5b810dead3-64defbc0-5553
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184591

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:00 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=e4314d07-0d11-48d6-99a3-aa5b810dead3-64defbc0-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cfaf1e17810c0412a45160d8fd82b599.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfaf1e17810c0412a45160d8fd82b599.png
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f257334231a3307b249e7320fac08e8986be227e22333212e7da5933bcf0bb4e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Fri, 18 Aug 2023 05:03:59 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfaf1e17810c0412a45160d8fd82b599.png
age
1626318
edge-cache-tag
420242149459271037965324042331049190017,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
cache-tag
420242149459271037965324042331049190017,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
149
expiration
expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.al.com/news/2023/08/target-shoplifter-in-atlanta-stole-tv-returned-it-to-steal-another-only-to-be-chased-down-by-cops.html
content-length
6136
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200070-IAD, cache-iad-kcgs7200103-IAD, cache-sna10746-LGB, cache-iad-kcgs7200030-IAD, cache-bfi-krnt7300100-BFI
last-modified
Tue, 18 Jul 2023 23:58:59 GMT
server
nginx
x-timer
S1692335040.880680,VS0,VE3
etag
"96c4c1ecdc164b0773280d5f05f6c2af"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 21, 1
MEQWF7GHSNBRVKKJDMAQSVEVHQ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.oregonlive.com/resizer/XHMFH2_M7NpVeYS0gOVswk6lsJM%3D/1280x0/smart/cloudfront... 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.oregonlive.com/resizer/XHMFH2_M7NpVeYS0gOVswk6lsJM%3D/1280x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/MEQWF7GHSNBRVKKJDMAQSVEVHQ.jpg
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
df8bf825164bb07b91944cb7cc43bed270db91137b1124dd10d4a348ff7a493f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
17
date
Fri, 18 Aug 2023 05:03:59 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.oregonlive.com/resizer/XHMFH2_M7NpVeYS0gOVswk6lsJM%3D/1280x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/MEQWF7GHSNBRVKKJDMAQSVEVHQ.jpg
age
107992
edge-cache-tag
409363350297833778760043452596100365423,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
cache-tag
409363350297833778760043452596100365423,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1024
req-referer
https://www.oregonlive.com/ducks/2023/08/oregon-ducks-practice-observations-multiple-starters-absent.html
content-length
6700
x-request-id
45c824f18aef9228c42406260b2e7061
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000171-IAD, cache-iad-kcgs7200072-IAD, cache-chi-klot8100082-CHI, cache-iad-kiad7000079-IAD, cache-bfi-krnt7300100-BFI
last-modified
Wed, 16 Aug 2023 23:04:09 GMT
server
nginx
x-timer
S1692335040.923933,VS0,VE17
etag
"042121996a7a2b07ec8aaa508735e096"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
ads
securepubads.g.doubleclick.net/gampad/ 		262 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=398669120220532&correlator=2020680854370950&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2COR%2Cwww.oregonlive.com%2Cnews&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x90%2C320x50%7C300x250%7C300x600%7C300x1050%2C320x50%7C300x250%7C300x600&fluid=0%2Cheight%2Cheight&ifi=2&didk=2280104400~1768830019~1759113640&sfv=1-0-40&fsbs=1%2C1%2C1&eri=1&sc=1&cookie=ID%3Dfabd93a9ae838625%3AT%3D1692335036%3ART%3D1692335036%3AS%3DALNI_Mbp2_jo7kH0WASVH9oxJJVNA8yqxg&gpic=UID%3D00000c2e31194702%3AT%3D1692335036%3ART%3D1692335036%3AS%3DALNI_MbJqFZN7yREljxQspT74V5V5s_kow&abxe=1&dt=1692335037068&lmt=1692306232&adxs=436%2C975%2C975&adys=109%2C511%2C1972&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&frm=20&vis=1&psz=1600x154%7C300x600%7C300x3021&msz=728x24%7C300x274%7C300x274&fws=0%2C512%2C512&ohw=0%2C0%2C0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=858605516.1692335035&ga_sid=1692335036&ga_hid=1442454486&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRi1rJ24oDFIAFICCGQSGQoKdWlkYXBpLmNvbRi1rJ24oDFIAFICCGQSWgoNY3J3ZGNudHJsLm5ldBJAMDgxYzAwYTE1ZDAxODBlZDk0ZTI0ODg4OGU0OTE2ZDUzOTM4ZTk3MTY2OTliNTAyMzRlOTM2ZmE5MjNmYWUyYRibrp24oDFIABIUCgVvcGVueBi1rJ24oDFIAFICCGQSNAoKcHViY2lkLm9yZxIkZDI1YmJkZTYtOWNkMC00ZDYwLWJhNmUtZWI2MzI5MmUxZGEwWAE.&dlt=1692335032993&idt=2902&prev_scp=rg_adslot%3DTopRail_Below_Flex%26rg_atf%3Dtrue%26rg_iab%3Dtrue%26rg_counter%3D1%26rg_pr-pl-as%3Dcal%257Cdesktop%257CTopRail_Below_Flex%26rg_pr-pl%3Dcal%257Cdesktop%26rg_gpid%3Ddesktop-TopRail_Below_Flex%26rg_a9%3DAdvance_OR_ATF_DESKTOP%26rg_pagetype%3Dcal%26rg_product%3Dcal%26rg_subex%3Dfalse%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_OR_ATF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-TopRail_Below_Flex-2%7Crg_adslot%3DRightRail_Top%26rg_atf%3Dtrue%26rg_iab%3Dtrue%26rg_counter%3D1%26rg_pr-pl-as%3Dcal%257Cdesktop%257CRightRail_Top%26rg_pr-pl%3Dcal%257Cdesktop%26rg_gpid%3Ddesktop-RightRail_Top%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dcal%257Cdesktop%257CRightRail_Top%257C0%26rg_a9%3DAdvance_OR_ATF_DESKTOP%26rg_pagetype%3Dcal%26rg_product%3Dcal%26rg_subex%3Dfalse%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_OR_ATF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-RightRail_Top-2%7Crg_adslot%3DRightRail_Bottom%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_counter%3D1%26rg_pr-pl-as%3Dcal%257Cdesktop%257CRightRail_Bottom%26rg_pr-pl%3Dcal%257Cdesktop%26rg_gpid%3Ddesktop-RightRail_Bottom%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dcal%257Cdesktop%257CRightRail_Bottom%257C0%26rg_a9%3DAdvance_OR_BTF_DESKTOP%26rg_pagetype%3Dcal%26rg_product%3Dcal%26rg_subex%3Dfalse%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_OR_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-RightRail_Bottom-2&cust_params=ccaud%3Dc3688%252Cc3035%252Cc0333%252Cc3649%252Cc3699%252Cc3698%252Call%252Cc3695%252C9002%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26tag%3Dhp-top-stories%26entryid%3DCINFM3HB25GGDPLVS5QIEHJCOQ%26author%3Dbamaap%26rg_product%3Dcal%26rg_aux%3D0%26rg_topic%3Dvn%26rg_pagetype%3Dcal%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_cv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop&adks=866199041%2C3930182481%2C969368303
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
344e8bfea508c8509165fc8c6db29afcdd520eb7923da25ea779ea8eca13a144
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKy_8KW35YADFYyFrAIdoi8Hjw&gqi=&layout=/sadbundle/%24csp%253Der3%24/18337494240101138432/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKy_8KW35YADFYyFrAIdoi8Hjw&gqi=&layout=/sadbundle/%24csp%253Der3%24/18337494240101138432/index.html
date
Fri, 18 Aug 2023 05:03:57 GMT
x-content-type-options
nosniff
content-encoding
br
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52108
x-xss-protection
0
google-lineitem-id
-1,1720211575,1720211575
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138411207715,138411207445
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
jadserve.postrelease.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&ntv_mvi&us_privacy=1---
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.208.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-208-24.us-west-2.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
48c6ea174abc24e9f56e4e0045b195f5613da652d7f07f9ff4cee808195407ff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:57 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
910
expires
Mon, 1 Jan 1990 12:00:00 GMT
publisher:getClientId
ampcid.google.com.au/v1/ 		3 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com.au/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f102.1e100.net
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.oregonlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%20-%20oregonlive.com&sec=News&prem=0&ptype=article&cms=arc%2Fprod&auth=bamaap&artupt=1580342854&artpubt=1580342854&artid=CINFM3HB25GGDPLVS5QIEHJCOQ&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=dcd0425c-33b7-46a5-bd45-4ec2c396a183&pid=2b7b519d-69c5-45d2-8bdf-46edd53e7601&dtm=1692335037180&qnm=_matherq&visible=1&tabid=fd0d1b87-55d2-4e6c-b769-4d65b98d23b8&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&vp=1600x1200&ds=1600x5041&tofa=1692335037&vid=1&lvidt=1692335037&duid=b6882e90c4294ffd&fp=757936674&cid=ma63527&mrk=484602609&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY5MjMzNTAzMDI3NCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyNC41bWIiLCJoZWFwVCI6IjI5LjRtYiIsImZzdFBhaW50IjoiMzQyMiIsImZldGNoUyI6IjEiLCJkb21haW5TIjoiMiIsImRvbWFpbkUiOiI1NjgiLCJjb25uUyI6IjU2OCIsImNvbm5FIjoiMTMxMSIsInNzbFMiOiI5MzkiLCJyZXF1UyI6IjEzMTEiLCJyZXNwUyI6IjI3MTUiLCJyZXNwRSI6IjI3NTQiLCJkb21Mb2FkIjoiMjcxOSIsImRvbUludGVyIjoiMzQxMiIsImRvbUxvYWRTIjoiMzk4NSIsImRvbUxvYWRFIjoiMzk5MCJ9LCJpZGVudGl0aWVzIjpbeyJ0eXBlIjoiZ2EiLCJpZCI6Ijg1ODYwNTUxNiIsInJlZlRpbWUiOiIxNjkyMzM1MDM3MTgwIn1dLCJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJocC10b3Atc3RvcmllcyJdXX0sInVzZXJEYXRhIjp7ImlzTG9jYWwiOiIwIn19
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.184.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-184-108.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 18 Aug 2023 05:04:01 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
envelope
lexicon.33across.com/v1/ 		0
0
sp-2.9.1.js
cdn.keywee.co/dist/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by
Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-52.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 09 Jul 2023 00:59:45 GMT
content-encoding
gzip
via
1.1 0b3572829f6f42309f3adfa694398770.cloudfront.net (CloudFront)
last-modified
Sun, 14 Oct 2018 12:37:03 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
3470653
etag
W/"e0e6c30dc2f18c8cee12448a4cbb07eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=315360000
x-amz-cf-id
6owv-qC2IkictcGmuIhOaBUNvGGzOx-UhttzHvMagoiOHZrGUHWBzg==
envelope
lexicon.33across.com/v1/ 		0
0
230565551383943
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/230565551383943?v=2.9.124&r=stable&domain=www.oregonlive.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
2dee998e7045ad38a6895ce9f809d4dbbc5b8eb144e12af9f63db2d1cb4be43d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 18 Aug 2023 05:03:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
qWta5hQuH9eincl2ZjeyT8LV+okliItZlmXG4uJGmZBHZ+C0crKtcEHdtSMLSBJxc2ErE+AMOzLwZvquF2wVlQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=3608894&ntv_pl=1095377
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.208.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-208-24.us-west-2.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:57 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=05ae093d-253b-4c96-aeff-6fa83f03c1ab&ntv_fl=Q__uDWin6WozI3l6hTMVG3fotYuM-ty432hSDhtsxjsr5vM3Smbcr4QdVM980H8c1kjtj0e9gZ39-se70IIuvNpNJLs2EbAfsxZ3Wjkwm6ndBUZM49-YT35jVzin_YJngVmVYJpCpi_c8iHObIcGhH8S15oyaoBzwbxbn7fs218_40eyJfivZV2nzWpq1KW3ayi79BHINhhX9Lr-SO6szYGO_JnWxvT4UW_uLuTlrOaMz-6Th0xXnkm56lKQgPQgYWmUbINULOpmr_nujkWzqY1ikotByd591ZD5wRAglshW0L2WyAp-R371dTnNUPuetlwYs3DKHWpFu4wDjsr5eA==&ntv_ht=vfveZAA&ntv_at=303,302&ntv_a=AAAAAAAAAA0bYQA&ord=1692335037412&ntv_it
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.208.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-208-24.us-west-2.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:57 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&rid=esp&cc=1
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
3bec1012d3091b091867c9f622919256f69bcab4fb67256768fb8d9788796fe5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-6rECS7YKAHysudIwwhag97RVBFE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 18 Aug 2023 05:03:57 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.oregonlive.com
location
/esp?url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
66028c1458cf7bcb617906fe419b0d01681c847f1db3161974e1ff5f0564bb46
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oregonlive.com
date
Fri, 18 Aug 2023 05:03:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
i
pixel.keywee.co/ 		43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.keywee.co/i?stm=1692335037547&e=pv&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&page=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%20-%20oregonlive.com&tv=js-2.9.1&tna=cf&aid=77&p=web&tz=Australia%2FPerth&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=da0fde4e-3330-49d5-a98f-abd4a18e6e38&dtm=1692335037545&vp=1600x1200&ds=1600x5041&vid=1&sid=45cb4b4a-9427-4dde-8e1a-740180713e93&duid=41e64ae9-ddd0-43d4-8518-606a3c601131&fp=757936674
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.206.250.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-250-88.compute-1.amazonaws.com
Software
nginx/1.21.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

status
200 OK
date
Fri, 18 Aug 2023 05:04:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
nginx/1.21.3
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
andoncord
assoc-na.associates-amazon.com/onetag/ 		16 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assoc-na.associates-amazon.com/onetag/andoncord
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=b15b987f-f5f5-4eb9-b883-884f1f3a7702
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.215.116.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-116-28.compute-1.amazonaws.com
Software
Server /
Resource Hash
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 05:03:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8DNV22DHP5XA2F9GN7S5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.oregonlive.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
16
/
pips.taboola.com/ 		4 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by
cache-bfi-kbfi7400050-BFI
date
Fri, 18 Aug 2023 05:03:57 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
baker
ead.oregonlive.com/ 		19 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ead.oregonlive.com/baker?dtstmp=1692335037678
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.76.217.151 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-76-217-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires
Fri, 18 Aug 2023 05:04:01 GMT
Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:01 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
encrypt
esp.rtbhouse.com/ 		285 B
559 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
86f4b6a06dff4c2a7c1b01df3818d7aad96bfdbe119f51b154b17b429fd9e0c9

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
eef2587ef035038359ffc8b3c7f3932c
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
285
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1071
a051.oregonlive.com/DG/DEFAULT/rest/rpc/ 		163 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=&bctempid=&overruleReferrer=&time=2023-08-18T13%3A03%3A57%2B08%3A00&ts=1692335037773
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
0d998f38ddcf4b8763fabd1d755e9411f4bf19e90efbb2ab2ebb316ea3a40a2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
34176
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
kvxmiTfUEoQxF8XoKWXZ174G4ypJHhJo-dZdOwtbd-x4P4g4ElfIQQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
social
ch-trc-events.taboola.com/advance-oregon/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/advance-oregon/log/3/social?route=US:CH:V&tvi2=10685&lti=trecs-networks-panel_var&ri=786dc7c1a0f37004572a37dac107bd6d&sd=v2_e780921c3729fbeefa438098fd7f1e99_03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c_1692335036_1692335036_CNawjgYQrf0-GImtnbigMSABKAEw4QE4kaQOQNWmD0jX7NwDUKsEWABgAGjxg5HW9JH9uAVwAQ&ui=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&pi=/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html&wi=-2494229410174109427&pt=text&vi=1692335036041&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%22%2C%22sec%22%3A%22Oregon%20News%22%2C%22aut%22%3A%5B%22The%20Associated%20Press%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.oregonlive.com%2Fresizer%2FqDsGtB8spc8z7dtgXioLxTgiO-0%3D%2F1280x0%2Fsmart%2Farc-anglerfish-arc2-prod-advancelocal.s3.amazonaws.com%2Fpublic%2FSPI7P5TEK5HPNGQEJDQZY3BDJU.JPG%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=13%3A03%3A57.832&id=932&llvl=2&cv=20230808-32-RELEASE&
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 05:04:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Aug 2023 05:03:58 GMT
cache-control
no-store
server
nginx
container.html
234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B324 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 05:03:58 GMT
expires
Sat, 17 Aug 2024 05:03:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
moatad.js
z.moatads.com/advancedigitaldfp80721595993/ Frame 1D66 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/advancedigitaldfp80721595993/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d7a16f294e5c32a2cdeaf6f0964f9029492356bebff4765f5fec6d03781b06a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 18:06:48 GMT
server
AmazonS3
x-amz-request-id
5HBKKN1SZXFH809A
etag
"17ecdede45212d74d9b4a0f74d70fc91"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=25373
accept-ranges
bytes
content-length
3893
x-amz-id-2
wcSq5hvaGagb7EXOeSp23rJtgzQMsU3/3MeHNAKhBOIoTCAmq7NKvzWQfoAfEab2EB8AZ2i8Lxw=
15405676982247968343
tpc.googlesyndication.com/simgad/ Frame 1D66 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15405676982247968343
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
f313f3a98f38bc782dd5236c21ec84304979077d76b1ff13a4fd87af20199ce5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35582
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 18:26:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 17 Aug 2024 05:03:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 1D66 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:33:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
52219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:33:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D66 		180 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 05:03:58 GMT
moatad.js
z.moatads.com/advancedigitaldfp80721595993/ Frame 5A28 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/advancedigitaldfp80721595993/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d7a16f294e5c32a2cdeaf6f0964f9029492356bebff4765f5fec6d03781b06a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 18:06:48 GMT
server
AmazonS3
x-amz-request-id
5HBKKN1SZXFH809A
etag
"17ecdede45212d74d9b4a0f74d70fc91"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=25373
accept-ranges
bytes
content-length
3893
x-amz-id-2
wcSq5hvaGagb7EXOeSp23rJtgzQMsU3/3MeHNAKhBOIoTCAmq7NKvzWQfoAfEab2EB8AZ2i8Lxw=
10945350616414006256
tpc.googlesyndication.com/simgad/ Frame 5A28 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10945350616414006256
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
11af697c6177a3d3d7eb75bd52ce0d16b72abd39a3120414f03ec6aa480818dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35147
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 18:26:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 17 Aug 2024 05:03:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 5A28 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:33:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
52219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:33:41 GMT
l
www.google.com/ads/measurement/ Frame 5A28 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQc_t5styexge4hkZa8ieK2ptz60GFTE3k2Y22D7bGMof3tx7swqGfixsgIL7cJ4_-jG-u0C_qg1NLibeSypxOhvYWvUQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5A28 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 05:03:58 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1692335038012&plid=65417848&idsite=oregonlive.com&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&sref=&sts=1692335038008&slts=0&title=Computers+still+down+in+Oregon+county+hit+by+cyberattack+-+oregonlive.com&date=Fri+Aug+18+2023+13%3A03%3A58+GMT%2B0800+(Australian+Western+Standard+Time)&action=pageview&js=1&pvid=36941613&u=pid%3Dd8065c50c6270700dcc030dc64edf27a
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 05:04:01 GMT
Cache-Control
no-cache
Last-Modified
Friday, 18-Aug-2023 05:04:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,mUDFmf,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,W93Wdc
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1zt8lTO7tLE.L... Frame 22F7 		126 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1zt8lTO7tLE.L.B1.O/am=AMBs/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5Cp-_VP4Ioiale9eSLCYY7ZZFgrg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,mUDFmf,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,W93Wdc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
17511c84143c0badb282351d6c240238f1963a73821c468f13bec5eba1711d3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 01:43:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43782
x-xss-protection
0
last-modified
Sat, 12 Aug 2023 00:56:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Aug 2024 01:43:24 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1zt8lTO7tLE.L... Frame 22F7 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1zt8lTO7tLE.L.B1.O/am=AMBs/d=1/exm=COQbmf,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5Cp-_VP4Ioiale9eSLCYY7ZZFgrg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
7a7ef17f65809541b5bad510a5e5c9f420db4e0c85c6a7a5a71e12548cd613e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 23:52:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1816
x-xss-protection
0
last-modified
Sat, 12 Aug 2023 00:56:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 23:52:33 GMT
bulk
trc.taboola.com/advance-oregon/log/3/ 		0
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/advance-oregon/log/3/bulk?tvi2=10685&route=US%3ACH%3AV&lti=trecs-networks-panel_var&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230808-32-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
49
date
Fri, 18 Aug 2023 05:03:58 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
47672
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-bfi-krnt7300100-BFI
pragma
no-cache
server
nginx
x-timer
S1692335038.143811,VS0,VE49
content-type
image/gif
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
972419992817808
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/972419992817808?v=2.9.124&r=stable&domain=www.oregonlive.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
d715b43b2045948f59205ca65b3b6db3e7932a81e88ce0888ec932a5acdae88b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 18 Aug 2023 05:03:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
voBIbicG78CiOWXdcH4rf95LvJzcR3vmCCqcKvIi3FaJQf5AAn3NLdV/W7JxAQuLiitxHmoc/kVj829Yr0OFpA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&rl=&if=false&ts=1692335038032&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692335038030.1551754179&cs_est=true&it=1692335036920&coo=false&rqm=GET
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 18 Aug 2023 05:04:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230565551383943&ev=PageView&dl=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&rl=&if=false&ts=1692335038033&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692335038030.1551754179&it=1692335036920&coo=false&rqm=GET
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 18 Aug 2023 05:04:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&rl=&if=false&ts=1692335038034&cd[article_content_tier]=metered&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=CINFM3HB25GGDPLVS5QIEHJCOQ&cd[content_type]=cal&cd[content_category]=News&cd[content_name]=computers%20still%20down%20in%20oregon%20county%20hit%20by%20cyberattack&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692335038030.1551754179&it=1692335036920&coo=false&tm=1&rqm=GET
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 18 Aug 2023 05:04:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230565551383943&ev=ViewContent&dl=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&rl=&if=false&ts=1692335038035&cd[article_content_tier]=metered&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=CINFM3HB25GGDPLVS5QIEHJCOQ&cd[content_type]=cal&cd[content_category]=News&cd[content_name]=computers%20still%20down%20in%20oregon%20county%20hit%20by%20cyberattack&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692335038030.1551754179&it=1692335036920&coo=false&tm=1&rqm=GET
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 18 Aug 2023 05:04:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1442454486&t=pageview&_s=1&dl=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&dp=%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&ul=en-us&de=UTF-8&dt=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%20-%20oregonlive.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCACgFK~&jid=1926859501&gjid=2049091232&cid=858605516.1692335035&tid=UA-16643585-5&_gid=1376214605.1692335038&_r=1&_slc=1&gtm=45He38g0n81PJ8XJM8&cd1=undefined&cd2=undefined&cd3=computers%20still%20down%20in%20oregon%20county%20hit%20by%20cyberattack&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=%40hp-top-stories&cd23=CINFM3HB25GGDPLVS5QIEHJCOQ&cd28=bamaap&cd29=undefined&cd30=cal&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=Defense%20and%20Cybersecurity&cd37=news&cd46=cal&cd47=desktop&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd52=undefined&cd54=News&cd55=2020-01-30T00%3A07%3A33.935Z&cd56=2020-01-30T00%3A07%3A33.935Z&cd57=location%7Cperson%7Clocation&cd58=City%20Hall%7CGordon%20McCraw%7CTillamook%20County&cd60=undefined&cd62=undefined&cd63=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-c&cd102=undefined&cd103=undefined&cd61=858605516.1692335035&z=255510097
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1442454486&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&dp=%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&ul=en-us&de=UTF-8&dt=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%20-%20oregonlive.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ad&ea=opportunity&el=taboola_rightrail&ev=0&_u=aDDAAEABAAQCACgFKAC~&jid=&gjid=&cid=858605516.1692335035&tid=UA-16643585-5&_gid=1376214605.1692335038&gtm=45He38g0n81PJ8XJM8&cd1=undefined&cd2=1---&cd3=computers%20still%20down%20in%20oregon%20county%20hit%20by%20cyberattack&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=%40hp-top-stories&cd23=CINFM3HB25GGDPLVS5QIEHJCOQ&cd28=bamaap&cd29=undefined&cd30=cal&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=Defense%20and%20Cybersecurity&cd37=news&cd46=cal&cd47=desktop&cd50=GA%20-%20event%20call&cd52=undefined&cd54=News&cd55=2020-01-30T00%3A07%3A33.935Z&cd56=2020-01-30T00%3A07%3A33.935Z&cd57=location%7Cperson%7Clocation&cd58=City%20Hall%7CGordon%20McCraw%7CTillamook%20County&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-c&cd99=undefined&cd100=4d9a01da34958f70238a20be8a904041&cd101=081c00a15d0180ed94e248888e4916d53938e9716699b50234e936fa923fae2a&cd102=undefined&cd103=undefined&cd61=858605516.1692335035&cd98=undefined&z=553581996
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 15:32:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48708
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/ Frame A841 		62 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/index.html
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
526a1267222b3951287feaa4c98724477d2e76fa55ddef05605e8a58b2348f0c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
37251
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
17043
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 18:43:07 GMT
expires
Fri, 16 Aug 2024 18:43:07 GMT
last-modified
Fri, 30 Jun 2023 13:58:31 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame B324 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js
Requested by
Host: 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
URL: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 16:21:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
45742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9092
x-xss-protection
0
server
cafe
etag
9312205082594545078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 16:21:36 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5183 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
URL: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
2857
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 04:16:21 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame B324 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js
Requested by
Host: 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
URL: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:33:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
52217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:33:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame B324 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
URL: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:52:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
36684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 18:52:34 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_DFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1692335036306&de=403739846066&rx=818617337947&m=0&ar=2e6b325d-clean&iw=1138ff4&q=1&cb=0&cu=1692335036306&ll=2&lm=0&ln=0&em=0&en=0&d=1485972055%3A558359335%3A1720211575%3A138411207715&bo=343101415&bp=388286695&bd=undefined&zMoatAU=%2F344101295%2FOR%2Fwww.oregonlive.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=true&zMoatCounter=1&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=388286695&zMoatJS=-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&id=1&ii=4&dfp=0%2C1&la=388286695&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A3422%3A3422%3A0%3A3412&fs=42&na=706890575&cs=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:00 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Aug 2023 05:04:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1D66 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4gs6PYzSIhh1KQ5Ana4BPwGbXY8TNPFem6_8Bsgz74HFcP9Bm_Xy6t2e-diCi9_T7Hi9Gjaup2ucKf8RQiNjOHHxylsan09ZsIgCLD0P4J1-fnmPaauPaG3e0a_33jewRJWP769VVrkM47gErQ92F8EwG6Z2QfS7WTpWs7Wrkklg75lyx4X19d-dIdodwJBVrqokBuVbTLMzHd8vb8ZQdS0jYplt9zUYFfnpOco-E1jZgwS8RQi4C5nTk7UIbj1DDUNZalxczuinq-9fsRIUjh-M02vMSw1UpY3PaZ5vOFJbLYNzFi0ophtrmlXf5w1a_nWDPFL7O2ZX215yKDbA6LxZsZQ&sai=AMfl-YSrUOIh-ytnpa7fTovsgewdsOn2Ypz06vzvWMTC8V30CuqiF97s3UxJGuuo6ezDv_RU-3AILLKO77aaBmRc7wWwDQNpdblz-4on5ipM0QQWXtNtJqHSTP9Z0JM-jag&sig=Cg0ArKJSzIt5C3wPJG3wEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 1D66 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae4e52f4c497bbc27536b4231a0536cec084aa99d8416184978a8ed6e009d04d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5A28 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7vbWpn4ASISD-tNgmGoqLwt1gKFzU2oXrd9IEAWlBd8CeJEKyBspAFQZYmHAjQAMBZV_fGm9jyL9dDZIABs9O0xIqUSs8UQ-lbkxthGjx2O4kaTNT7QFgx5WE5xVWyDMjnhrsE22MOAhRKUu6DxcHOnkh3ct5srj2mGvMtuFLRJ4VeLoEM3yXL-__Kr3yQBUMOtG8yOD40Fv8dp56tMmRZgeI7JpFcqU9NKpmLZpGA6f7sP-6GsDT7wcqBsUDMckSVM28QwT117VYwC9j2RFNZedVI7YtNdq4jn5pXwGyLjVLGRS5vV8FJZl6pjTrOVjUZYJQ3WYoAf7q96R1S-gfxLeiww&sai=AMfl-YSvLiQt2WdbwBdOSu9oP3mVxJlJSJpJin-AlzXDQCJJE0ISUat9ySm6fkjW0i_gXoWIGku-QACK3bQ52qxrEX7zoC2BbAU0h4wsQZt4H6E5ftY3ywb3xyemyLMbxBk&sig=Cg0ArKJSzLgR83easJg6EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 5A28 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1c2bd2ed95c1ebd589622dbefa12e70745c9cf41e360af9a1549b852b9af297

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
collect
stats.g.doubleclick.net/j/ 		1 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16643585-5&cid=858605516.1692335035&jid=1926859501&gjid=2049091232&_gid=1376214605.1692335038&_u=aADAAEAAAAQCACgFK~&z=531342638
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 18 Aug 2023 05:03:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 6388 		484 B
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
52ca34fc9c273f71d2fcc93c8adda31b925f19d6cb87f64ab722d933ffdd5ccf

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
309
content-type
text/html
date
Fri, 18 Aug 2023 05:03:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 18 Aug 2023 05:03:58 GMT
via
1.1 varnish
x-amz-request-id
YNWQD92FPY0EHGDK
age
12773
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
WsaloPBOV1RezW6P+wPtptx/yuFLzF8xRYzqZjAu1/8Q3Mo51sZ/ktK8UUMBM74T1ZRWD6ubnRE=
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1692335038.372721,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
84
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
936
pr
s.amazon-adsystem.com/v3/ Frame B8EF 		707 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6628b3a60520f7ec8056077154ef2054a337a4e041870018fbfbb2db315c3643
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
707
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 18 Aug 2023 05:03:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
GPK56ZQZZ3XGTMDMEXME
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1zt8lTO7tLE.L... Frame 22F7 		1 KB
783 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1zt8lTO7tLE.L.B1.O/am=AMBs/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5Cp-_VP4Ioiale9eSLCYY7ZZFgrg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
a108a097da0f3e4c055bc99083a70eed104a8eebad12f65f0464c08c314a5f78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 23:52:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
718
x-xss-protection
0
last-modified
Sat, 12 Aug 2023 00:56:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 23:52:33 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1zt8lTO7tLE.L... Frame 22F7 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1zt8lTO7tLE.L.B1.O/am=AMBs/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5Cp-_VP4Ioiale9eSLCYY7ZZFgrg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
552132f88cda8929d4deb1a1ed94c5c6925bf0ed4ec4d415be468a9b0fa17d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 23:52:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6414
x-xss-protection
0
last-modified
Sat, 12 Aug 2023 00:56:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 23:52:33 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 22F7 		160 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-6983955298067578988&bl=boq_subscribewithgoogleclientserver_20230816.08_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=47039&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
ESF /
Resource Hash
0ddd6223a4ba17c8fdae3468fd6ca65c9efc2a7967c8dc38b4af2323266cf94f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
st
imprchmp.taboola.com/ Frame 2E82 		439 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&cmcv=&pix=undefined&cb=1692335038326&uv=3321&tms=1692335038326&abt=166721b_vA!206725b_vA!nonrv_vA!t45!testmsn_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=2ecf79cf-056b-4465-a7d7-d8ba08796f2a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bc5e1ee4f91ea77550405f603f1031ee4d94d7b37507716478c45275be2696ca

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 18 Aug 2023 05:03:58 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-krnt7300100-BFI
x-timer
S1692335038.454873,VS0,VE51
sync
ch-match.taboola.com/ Frame 0022 		577 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
98036df49f6a65b8ef0e50a001670d30ded9001cb6065ce39597dfd9bc9719f8

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 18 Aug 2023 05:03:58 GMT
machineid
3805
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		9 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692335038334&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1541&pt=-2135443746&tz=480&viewable=true&ddast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2075235&dpubid=190797&abtst=166721b_vA!206725b_vA!nonrv_vA!t45!testmsn_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.oregonlive.com&en=1&subu=4&panid=081c00a15d0180ed94e248888e4916d53938e9716699b50234e936fa923fae2a
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
98c69a3ac88cafb2ca315cfd4e63d9469304247d1c685471f0ad8d8c93004dd4

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 18 Aug 2023 05:03:58 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1829
x-cache
MISS
x-served-by
cache-bfi-krnt7300100-BFI
pragma
no-cache
server
nginx
x-timer
S1692335038.454866,VS0,VE111
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://video-ads.rubiconproject.com>; rel=preconnect,<https://ads.stickyadstv.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
ch-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&cmcv=&pix=31589837&cb=1692335038326&uv=3321&tms=1692335038326&abt=166721b_vA!206725b_vA!nonrv_vA!t45!testmsn_vB&ft=0&su=4&unm=INLINE_INSTREAM&debug=pn:!sqg:!torgn:1692335030274.8!ts:1692335038325&mntl=1
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-length
0
server
nginx
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.50.102 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-50-102.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.oregonlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 18 Aug 2023 05:03:59 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.50.102 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-50-102.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 18 Aug 2023 05:03:59 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1zt8lTO7tLE.L... Frame 22F7 		107 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1zt8lTO7tLE.L.B1.O/am=AMBs/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,RqjULd,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5Cp-_VP4Ioiale9eSLCYY7ZZFgrg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
71677a8f1b88554661c2f0a5c7ab260c86e846af1b29c2556d54306f56502c23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 23:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36393
x-xss-protection
0
last-modified
Sat, 12 Aug 2023 00:56:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 23:52:34 GMT
log
play.google.com/ Frame 22F7 		131 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 18 Aug 2023 05:04:00 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 18 Aug 2023 05:03:59 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 18 Aug 2023 05:03:59 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 22F7 		131 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 18 Aug 2023 05:04:00 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 18 Aug 2023 05:03:59 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 22F7 		131 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 18 Aug 2023 05:04:00 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 18 Aug 2023 05:03:59 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 22F7 		131 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 18 Aug 2023 05:04:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 50C9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=7863576873242556398&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=7863576873242556398&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 05:03:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
H5BP1J1DKM43YHFYP7V2

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
0bd00933-6743-40bc-b70d-f40bb8847d16
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 05:03:59 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=7863576873242556398&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
66.203.112.161; 66.203.112.161; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E1DA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=27228
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 05:03:59 GMT
expires
Fri, 18 Aug 2023 12:37:47 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
392.json
id5-sync.com/g/v2/ 		635 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
6ad04d031b0adba5cdcdc39cfef05f9354e5338fc5f11bfc9e5d1fa1cca41165
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:03:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.oregonlive.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=972419992817808&ev=KWCEPV&dl=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&rl=&if=false&ts=1692335038623&cd[noad30]=1&cd[noadcm]=1&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=1&cd[arcm]=1&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692335038030.1551754179&it=1692335036920&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&rqm=GET
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 18 Aug 2023 05:04:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=972419992817808&ev=PageView&dl=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&rl=&if=false&ts=1692335038624&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692335038030.1551754179&it=1692335036920&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 18 Aug 2023 05:04:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 2E82
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=03fe9b01-43dc-4fda-ad2d-91fffd659144
0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=03fe9b01-43dc-4fda-ad2d-91fffd659144
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&cmcv=&pix=undefined&cb=1692335038326&uv=3321&tms=1692335038326&abt=166721b_vA!206725b_vA!nonrv_vA!t45!testmsn_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=2ecf79cf-056b-4465-a7d7-d8ba08796f2a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
66
date
Fri, 18 Aug 2023 05:03:59 GMT
via
1.1 varnish
x-served-by
cache-bfi-krnt7300100-BFI
server
nginx
x-timer
S1692335039.152831,VS0,VE66
x-fastly-to-nlb-rtt
67929
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=03fe9b01-43dc-4fda-ad2d-91fffd659144
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 2E82
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-C121MzVE2oTt.3G2DpSjw5xFHjJbO7oaTdmlJw--~A
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-C121MzVE2oTt.3G2DpSjw5xFHjJbO7oaTdmlJw--~A
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&cmcv=&pix=undefined&cb=1692335038326&uv=3321&tms=1692335038326&abt=166721b_vA!206725b_vA!nonrv_vA!t45!testmsn_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=2ecf79cf-056b-4465-a7d7-d8ba08796f2a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184266

Redirect headers

date
Fri, 18 Aug 2023 05:03:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-C121MzVE2oTt.3G2DpSjw5xFHjJbO7oaTdmlJw--~A
content-length
0
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 2E82
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-a7IooBNE2uG9uTacXETc27lu1XVN7cu6~A&gdpr_in_effect=0
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-a7IooBNE2uG9uTacXETc27lu1XVN7cu6~A&gdpr_in_effect=0
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&cmcv=&pix=undefined&cb=1692335038326&uv=3321&tms=1692335038326&abt=166721b_vA!206725b_vA!nonrv_vA!t45!testmsn_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=2ecf79cf-056b-4465-a7d7-d8ba08796f2a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184426

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-a7IooBNE2uG9uTacXETc27lu1XVN7cu6~A&gdpr_in_effect=0
date
Fri, 18 Aug 2023 05:03:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
www.facebook.com/tr/ Frame ADE2 		0
205 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.oregonlive.com
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.oregonlive.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 05:03:59 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 34CF 		0
31 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.oregonlive.com
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.oregonlive.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 05:03:59 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sd
us-u.openx.net/w/1.0/ Frame 6388
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=0583ce19-f2f0-7a44-d355-77190d00651f&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=0583ce19-f2f0-7a44-d355-77190d00651f&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=03fe9b01-43dc-4fda-ad2d-91fffd659144&ttd_puid=0583ce19-f2f0-7a44-d355-77190d00651f&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=03fe9b01-43dc-4fda-ad2d-91fffd659144&ttd_puid=0583ce19-f2f0-7a44-d355-77190d00651f&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=03fe9b01-43dc-4fda-ad2d-91fffd659144&ttd_puid=0583ce19-f2f0-7a44-d355-77190d00651f&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 6388
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZN77v8Co8YkAAOVljeMAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZN77v8Co8YkAAOVljeMAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 18 Aug 2023 05:03:59 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.161","key":"ZN77v8Co8YkAAOVljeMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40037"}
X-SO-Key
ZN77v8Co8YkAAOVljeMAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40037
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZN77v8Co8YkAAOVljeMAAAAA
Cache-Control
private
X-SO-HostName
a-ad40037.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
X-SO-IP
66.203.112.161
sd
jp-u.openx.net/w/1.0/ Frame 6388
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AaFKKtbFoNeVks8AD7Il_4IwPs8AAAGKBwdj-w
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AaFKKtbFoNeVks8AD7Il_4IwPs8AAAGKBwdj-w
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AaFKKtbFoNeVks8AD7Il_4IwPs8AAAGKBwdj-w
cache-control
no-cache
content-length
0
x-amz-cf-id
P2PMrjt5d1mw_zJGfNYGnmXRGgrSzFIHEO6KqBIT5JlM6aOrGYET7g==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6388 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjllYzFkZDMtM2I4Ny0yNGUwLWM2YjUtMmRhMGM3ZTJhYjdm
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6388
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOGoBctB7X3Nupz9teDnpnk&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOGoBctB7X3Nupz9teDnpnk&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOGoBctB7X3Nupz9teDnpnk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmTagINLINE_INSTREAM.js
vidstat.taboola.com/vpaid/units/33_2_1/infra/ 		798 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagINLINE_INSTREAM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b3aa13b4625e73e1443b06c7c203c44c6481d4b663e599f61f2e7edcaab4e178

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Origin
https://www.oregonlive.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-meta-mtime
1692189126
date
Fri, 18 Aug 2023 05:04:00 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
EVKQ1BYHZR5RGR7F
age
145771
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1692189127
x-amz-meta-mode
33188
content-length
136425
x-amz-id-2
31SvKwATkKdqOvckPUmsz0BEBwMGXo4rG348atNA2tY6Xk3eNj2UsBODYGl3qT9MsFYJXIwortE=
x-served-by
cache-bfi-kbfi7400050-BFI
last-modified
Wed, 16 Aug 2023 12:32:08 GMT
server
AmazonS3-br
x-timer
S1692335041.957490,VS0,VE0
etag
"6e46a997d040b5ff25e0b158cf377685"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
4
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_2_1/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_2_1/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-meta-mtime
1692189153
date
Fri, 18 Aug 2023 05:03:58 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
GDZ4DNGXJEQB1B1A
age
145776
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1692189153
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
UzQaUjmDO6jduRe6G/Stq6fQiZ8iTBmy0Jq/ngOT+xva+2AR1RZdPk5+DPLs7N1ED8ioYyWOJqw=
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Wed, 16 Aug 2023 12:32:34 GMT
server
AmazonS3-br
x-timer
S1692335039.822248,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
20949
16a4d4e758b25fe907f9822eaf892137
a051.oregonlive.com/plugin/plugin/ 		89 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/plugin/plugin/16a4d4e758b25fe907f9822eaf892137
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
eed05ab2b5a792fc8baf2c20ba0430528960cad9a7e9750f90d128b6a34b791c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
age
770393
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
21605
x-xss-protection
1; mode=block
last-modified
Tue, 08 Aug 2023 07:04:05 GMT
server
-
etag
16a4d4e758b25fe907f9822eaf892137
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
paUupvPyxymhzuS0Hf-lQgO3uMTHCtGGn-_G64R_dyaR2wKLK-FnYg==
expires
Thu, 08 Aug 2024 07:04:05 GMT
LB-Zone-1
a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071/ 		359 B
1021 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071/LB-Zone-1?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=&bctempid=fd19278e-918a-4958-b72b-880844952999&overruleReferrer=&time=2023-08-18T13%3A03%3A58%2B08%3A00&ts=1692335038868
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
b9af43d6ace43da63cb76a61b1a0f1c3c00c779fd5b0c98d64e974a45d7d9ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
235
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
8cx9Fs12EIlak-STlGKKzDBlSs7qlvjU0PlVPbl4JW9uJjVrVoYaFA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 0022
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8b999cfa-351b-4b8b-9198-9c822931a478
0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8b999cfa-351b-4b8b-9198-9c822931a478
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
43
date
Fri, 18 Aug 2023 05:03:59 GMT
via
1.1 varnish
x-served-by
cache-bfi-krnt7300100-BFI
server
nginx
x-timer
S1692335039.186066,VS0,VE43
x-fastly-to-nlb-rtt
40657
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8b999cfa-351b-4b8b-9198-9c822931a478
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 0022
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-cwgGRtBE2oQ5EwSxpDfGe8rIWrJuvKGrgbzuhg--~A
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-cwgGRtBE2oQ5EwSxpDfGe8rIWrJuvKGrgbzuhg--~A
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184266

Redirect headers

date
Fri, 18 Aug 2023 05:03:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-cwgGRtBE2oQ5EwSxpDfGe8rIWrJuvKGrgbzuhg--~A
content-length
0
usync.html
eus.rubiconproject.com/ Frame 3473 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.138.68 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-138-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ch-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 05:03:59 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5183
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
URL: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 05:03:59 GMT
expires
Fri, 18 Aug 2023 05:03:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 05:03:59 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame B324 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbSM2HzUwkqtZeR-1mCkj0y1BMQf6qELKXzlnrsDZRTwCJzwfANVCQgDwXqltYMbPbkdK1ZI486QCe-HwrYleXGH4TuQ
Requested by
Host: 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
URL: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B324 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
URL: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 05:04:00 GMT
truncated
/ Frame B324 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62c7189df0974cf0f7bf3d4d02c2d6524639299a7e6a09af250b23004b8f7eef

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A841 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 17:11:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
42762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 18 Aug 2023 17:11:17 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A841 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:08:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
39330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 18 Aug 2023 18:08:29 GMT
e229007216e32a7bf3320cdc0417e7d1
a051.oregonlive.com/plugin/library/ 		381 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/plugin/library/e229007216e32a7bf3320cdc0417e7d1
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
01f15425e65ab41c7510bc5108cdd9c76928488fe6463e24e8b3f25e26f3dba3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
age
770393
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
124950
x-xss-protection
1; mode=block
last-modified
Tue, 08 Aug 2023 07:04:06 GMT
server
-
etag
e229007216e32a7bf3320cdc0417e7d1
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
NsdWE5pdeUMzITh5bHL3pKkPMCECFWHqdpxxtVm9R316Rcld4YTbPQ==
expires
Thu, 08 Aug 2024 07:04:06 GMT
LB-Zone-1
a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071/LB-Zone-1?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=&bctempid=fd19278e-918a-4958-b72b-880844952999&overruleReferrer=&time=2023-08-18T13%3A03%3A59%2B08%3A00&ts=1692335039095
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
1a35cf5e4b5ff09bf9fd0740b270d9ce23b8dfb79af554c7ae2e476d190ad8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1375
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
uXpV4IvRaj5npKAVpUR5vaJd83FlDBVXZyr3WeRODLfPk7U3tBKA2w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ Frame 567B 		0
31 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.oregonlive.com
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.oregonlive.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 05:03:59 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
115
check.analytics.rlcdn.com/check/ 		25 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-80.sin52.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
via
1.1 423016d18a128e118b016383665b6de8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
x-amzn-trace-id
Root=1-64defbbf-2731983524300a6d6ca6256b
x-amzn-requestid
82400229-79ac-4f35-8b9b-4779871deec3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
J1xGAGv8joEFfnA=
content-length
25
x-amz-cf-id
X93ZPW1kcTa73MokrPZQpOcrWrosZkj6_HNMlumgi-TLuJpvKqELFQ==
onetag
assoc-na.associates-amazon.com/ 		64 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22advanceoregon-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html%22%7D&u=https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=b15b987f-f5f5-4eb9-b883-884f1f3a7702
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.215.116.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-116-28.compute-1.amazonaws.com
Software
Server /
Resource Hash
c364549868409832a77c42223b49a727ec7e8076ff64089043dc1fed0d5ade1d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 05:03:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8X5XGBNPRASYEDD085RW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.oregonlive.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
64
PugMaster
image6.pubmatic.com/AdServer/ Frame E1DA 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72830707&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9dc153af8e590cd9335969119d0584ff72d6a7536a6ca4966589c37314dc2d54

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Aug 2023 05:02:40 GMT
content-length
1515
content-type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 1D66 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSYjEFyC56JcyN9Zf5tAUQPGU-03rF7yHSxJtTSaddTTNctzTc1pWcgVVwOlqwUT6FisBcsgyPC8K_2kMRNS6QDX6JnLkSQ4E4Nzz1Sgz9_w1OpYK1pRS8cgjJtxXBxJtfVWU9hPeP7-jHoOaUTXk99yd8ho_QFiHZ9Dw-yHNsmtHoCKYUXgRm_H4LILUgZjq8i2kLHU6oK-iQf9L1BMdrPi_mt2XOsyr89ar5Z8K1l_JywUnRx4JIl6-xkr1V8Kh01YglJ7Mjd4hl-tSSQD9IsbIONWvgDolVUkS90BTRvkgZx77cbzNqPYlgyUXeRJyHGFdK9TTV7BbYIK5utbnibOEX62kn&sai=AMfl-YR4otbX5BmqB5hpx4CpUdSj1nCCZhYNdx0Ql47Ft3PGImobYYuSq_zAeRyBfm70Ooydln3nFbwVhVjxNulKq0t9HQ870fxRsutx1velp2oasbH9fS6-qY3Y98XGSuI&sig=Cg0ArKJSzBAlPsaFVTBsEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 18 Aug 2023 05:04:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5A28 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJb3OouL65BQvNNyMXClQO2QKtbv5DgkbMLtBIuN6M_Ejl8RI8-HGxKaTBdjL4iNwk_gRne0rw0EYfMWhKPWddqMihxSdVOfjCgKP2baIKPsclz_u62-Nm3dTdAm-F-VKRfAweqmoHMQWau1_qx55kwtcPxEhCIgwl1FoB7DOMHB7kZ9dCwk3D0e1QJkFZ9prmovIMzV30Bzj3vEUz3KTipi1_Dx7VwFi4cS0p1xAXt12BoyvePi-VkyAwb21EVshnCDnoHsJXWXG5lI1V4yPPsn4f8SJglPb_d6hPWMP2zlAgzvIKmWuRTzuAQYWJl5iS3U4feJazqaeBJWGApwb89r4IIMWt&sai=AMfl-YRxhej65QWEQ5SGEGyC2U3Th5bLC6mMDpq0Iwwp37j0RKmx12GDYg8BMvqVmJytfA0ttdfKRCHsJ-dB6auni8zhf581eOe_s3AYB0AtFyY3_4UM_HwcsJq_6Vglj4Q&sig=Cg0ArKJSzCCihSGLYkWuEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 18 Aug 2023 05:04:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 39D0 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID551EE106-756F-4E51-B29D-5D3D95B38A23
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 05:03:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NBSM7DMPXBYKHVA8XRR4
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E1DA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VR7hBnVvTlGynV09lbOKIw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
184.51.240.213 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=27228
accept-ranges
bytes
content-length
5606
expires
Fri, 18 Aug 2023 12:37:47 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame E1DA
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=551EE106-756F-4E51-B29D-5D3D95B38A23
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=551EE106-756F-4E51-B29D-5D3D95B38A23
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3642a27d-858e-4c26-b54a-6e8c703ac9d3%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8b999cfa-351b-4b8b-9198-9c822931a478&ttd_puid=3642a27d-858e-4c26-b54a-6e8c703ac9d3%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8b999cfa-351b-4b8b-9198-9c822931a478&ttd_puid=3642a27d-858e-4c26-b54a-6e8c703ac9d3%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8b999cfa-351b-4b8b-9198-9c822931a478&ttd_puid=3642a27d-858e-4c26-b54a-6e8c703ac9d3%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
qmap
sync.crwdcntrl.net/ Frame E1DA 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.66.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-66-86.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.15.243
content-length
49
expires
0
info2
uipapac.semasio.net/pubmatic/1/ Frame E1DA
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=551EE106-756F-4E51-B29D-5D3D95B38A23&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipapac.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=551EE106-756F-4E51-B29D-5D3D95B38A23&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=551EE106-756F-4E51-B29D-5D3D95B38A23&sInitiator=external&gdpr=0&gdpr_consent=
42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=551EE106-756F-4E51-B29D-5D3D95B38A23&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:33 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:33 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=551EE106-756F-4E51-B29D-5D3D95B38A23&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E1DA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTUxRUUxMDYtNzU2Ri00RTUxLUIyOUQtNUQzRDk1QjM4QTIz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 02:43:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E1DA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ-16_erUMgiz3hKaz0y4_k&google_cver=1
42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ-16_erUMgiz3hKaz0y4_k&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ-16_erUMgiz3hKaz0y4_k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E1DA
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F0A81E0D1BBC488EBBC038DE7AB08D2B
42 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F0A81E0D1BBC488EBBC038DE7AB08D2B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 18 Aug 2023 05:04:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F0A81E0D1BBC488EBBC038DE7AB08D2B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 17 Aug 2023 05:04:00 GMT
551EE106-756F-4E51-B29D-5D3D95B38A23
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E1DA 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/551EE106-756F-4E51-B29D-5D3D95B38A23?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.69.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-69-77.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame E1DA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8b999cfa-351b-4b8b-9198-9c822931a478&gdpr=0&gdpr_consent=
42 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8b999cfa-351b-4b8b-9198-9c822931a478&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:03:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8b999cfa-351b-4b8b-9198-9c822931a478&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
Pug
simage2.pubmatic.com/AdServer/ Frame E1DA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=7edfd391-d5a6-42c6-90bb-c48894b916f4&expires=1&user_group=5&ssp=pubmatic&bsw_param=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 05:04:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 18 Aug 2023 05:04:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
MB_17187_17187_MA_EN_chr_CRE_Gif_Res_970x250_m_ftn_wrk_ani_bme_sen.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/ Frame A841 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/MB_17187_17187_MA_EN_chr_CRE_Gif_Res_970x250_m_ftn_wrk_ani_bme_sen.gif
Requested by
Host: 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
URL: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
99cb275d093bb93c11e635851806ba83ef96f076ab4845fb0355dd475b05d2c1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Aug 2023 18:43:10 GMT
x-content-type-options
nosniff
age
37249
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125221
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 13:58:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Aug 2024 18:43:10 GMT
MB_17187_17187_MA_EN_chr_CRE_Gif_Res_728_90_m_ftn_wrk_ani_bme_sen.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/ Frame A841 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/MB_17187_17187_MA_EN_chr_CRE_Gif_Res_728_90_m_ftn_wrk_ani_bme_sen.gif
Requested by
Host: 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
URL: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e976e53158e2882bfa3426551172686fa8766efbf520a8a77e8ddcc0b5545c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Aug 2023 18:43:10 GMT
x-content-type-options
nosniff
age
37249
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82167
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 13:58:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Aug 2024 18:43:10 GMT
MB_17187_17187_MA_EN_chr_CRE_Gif_Res_300_600_m_ftn_wrk_ani_bme_sen.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/ Frame A841 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/MB_17187_17187_MA_EN_chr_CRE_Gif_Res_300_600_m_ftn_wrk_ani_bme_sen.gif
Requested by
Host: 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
URL: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
71383f87532f79ffe7e588d036b02b521f8a6aabcfd55112bbd9e57a817ec48e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Aug 2023 18:43:10 GMT
x-content-type-options
nosniff
age
37249
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105539
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 13:58:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Aug 2024 18:43:10 GMT
MB_17187_17187_MA_EN_chr_CRE_Gif_Res_160_600_m_ftn_wrk_ani_bme_sen.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/ Frame A841 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/MB_17187_17187_MA_EN_chr_CRE_Gif_Res_160_600_m_ftn_wrk_ani_bme_sen.gif
Requested by
Host: 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
URL: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a0c439ee8ceda8ae40446e35eacce09e18f1acf2a09c6252bf93963ddae99253
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Aug 2023 18:43:10 GMT
x-content-type-options
nosniff
age
37249
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113490
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 13:58:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Aug 2024 18:43:10 GMT
MB_17187_17187_MA_EN_chr_CRE_Gif_Adt_300_250_m_ftn_wrk_ani_bme_sen.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/ Frame A841 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18337494240101138432/MB_17187_17187_MA_EN_chr_CRE_Gif_Adt_300_250_m_ftn_wrk_ani_bme_sen.gif
Requested by
Host: 234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
URL: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
3bde72d856094eb6cdb54bd6cbf29d59beb9db4fdbdb71aa5aa117ac191c3729
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Aug 2023 18:43:10 GMT
x-content-type-options
nosniff
age
37249
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107065
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 13:58:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Aug 2024 18:43:10 GMT
usync.js
eus.rubiconproject.com/ Frame 3473 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.138.68 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-138-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4dc6984751d8119c3e1f269a2e135838c9b4a56f3fd77bb9e8a6805ab0bf817

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 05:03:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Aug 2023 23:27:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66164
Connection
keep-alive
Content-Length
10115
Expires
Fri, 18 Aug 2023 23:26:43 GMT
822.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/i/392/8.gif?id5id=ID5*JYGQuMpCN7hk9xHQJYdc9NpAYJPR5uUPEB26wadcDtFcDv-W3AAfX7AqJtgLoFzLXA8rsj3IG0F-VGI3S8vmog&o=api&gdpr_consent=undefined&gdpr=false
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F392%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipapac.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F392%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/392/112/7/2.gif?puid=8A4747CF8C22792&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ac515wr6dudasH1VE53MPiPSY9HObRpr63_ilCgPMg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F392%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/392/3/6/3.gif?puid=37a564de-fbc3-4a00-9e7e-2bfe50407375&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F392%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/392/108/5/4.gif?puid=3642a27d-858e-4c26-b54a-6e8c703ac9d3&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/392/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/392/2/4/5.gif?puid=7863576873242556398&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=8b999cfa-351b-4b8b-9198-9c822931a478&ttl=%%TTL%%
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F392%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/392/10/2/7.gif?puid=1908309046779791046&gdpr=0&gdpr_consent=
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=LLG4L5CG-H-2N2O&gdpr=0
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=2141ce61f1162281&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/822.gif?puid=AAAMQiMznviFNgMPlTAHAAAAAAA&expiration=1692421446&is_secure=true&gdpr_consent=&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/822.gif?puid=AAAMQiMznviFNgMPlTAHAAAAAAA&expiration=1692421446&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 18 Aug 2023 05:04:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:06 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://id5-sync.com/k/822.gif?puid=AAAMQiMznviFNgMPlTAHAAAAAAA&expiration=1692421446&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		67 B
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=fd19278e-918a-4958-b72b-880844952999&&callback=bc_json1073
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.88.250.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-250-216.compute-1.amazonaws.com
Software
- /
Resource Hash
822f125136158e6ef24c9a40e7f1fadeba25134851f886e64cd3b6b1abb5dcdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
85
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 3473
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LLG4L5CG-H-2N2O
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLG4L5CG-H-2N2O&gdpr=0&us_privacy=1---
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLG4L5CG-H-2N2O&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
184594

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLG4L5CG-H-2N2O&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3473
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODRjMmQxNGMzY2I5Yjg4YmI4ZmIwMjYyZjhmODRiNTY0OTJlOTAyZQ&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODRjMmQxNGMzY2I5Yjg4YmI4ZmIwMjYyZjhmODRiNTY0OTJlOTAyZQ&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H3
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODRjMmQxNGMzY2I5Yjg4YmI4ZmIwMjYyZjhmODRiNTY0OTJlOTAyZQ&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3473
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEP8Od1vImlrzLbb8D84UmfE&google_cver=1
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEP8Od1vImlrzLbb8D84UmfE&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEP8Od1vImlrzLbb8D84UmfE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3473
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/x8z3Z6UU5BECyIRZm84PgQ?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nTp9sNJE2oJZYo40DnDNJLhZRAd3DTcH_fnE1A--~A
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nTp9sNJE2oJZYo40DnDNJLhZRAd3DTcH_fnE1A--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 18 Aug 2023 05:04:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nTp9sNJE2oJZYo40DnDNJLhZRAd3DTcH_fnE1A--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 3473
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8b999cfa-351b-4b8b-9198-9c822931a478&gdpr=0&gdpr_consent=&expires=30
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8b999cfa-351b-4b8b-9198-9c822931a478&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:03:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8b999cfa-351b-4b8b-9198-9c822931a478&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3473 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2FK72TFHX6MDP0K441Y8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3473
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExHNEw1Q0ctSC0yTjJP&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEDs_I_cFeszPWGswqeJyLmA&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExHNEw1Q0ctSC0yTjJP&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExHNEw1Q0ctSC0yTjJP&google_push=&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H3
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExHNEw1Q0ctSC0yTjJP&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
setuid
px.ads.linkedin.com/ Frame 3473
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLG4L5CG-H-2N2O&gdpr=0&us_privacy=1---
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLG4L5CG-H-2N2O&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:03:59 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 69D3DD4E1D364A99A6C67236BE6CFDD1 Ref B: SYD03EDGE1715 Ref C: 2023-08-18T05:04:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDK3Tym59/MUvUwC1Tpg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLG4L5CG-H-2N2O&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 3473
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kBTidpe4RWS6hjmxVpt9sQ&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kBTidpe4RWS6hjmxVpt9sQ&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kBTidpe4RWS6hjmxVpt9sQ&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
04NQKV7QWYKENCVKPS02
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kBTidpe4RWS6hjmxVpt9sQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
1071
a051.oregonlive.com/DG/DEFAULT/rest/rpc/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=fd19278e-918a-4958-b72b-880844952999&bctempid=&overruleReferrer=&time=2023-08-18T13%3A03%3A59%2B08%3A00&ts=1692335039999
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
ce535d31146840e941ece690cc900e63d75ab73c199cfde4702c413b73f0528c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4482
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
3dNU5CrQUWPn-lf9vMafGyuLOxjrNBbFWmu1blqzcVnnWdVbeDX9Sw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
predict
a051.oregonlive.com/rest/v2/custom/frontend/listener_realtime_model/ 		2 B
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/rest/v2/custom/frontend/listener_realtime_model/predict?itemId=93193c90-1299-460a-add2-602384af02fc&profileId=fd19278e-918a-4958-b72b-880844952999
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/plugin/plugin/16a4d4e758b25fe907f9822eaf892137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
22
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Myx4YxcedZEK7Lo8_8DwWuWm0_yd_ZbZCza1Jxh7eDOcvedTcWNNdw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1071
a051.oregonlive.com/DG/DEFAULT/rest/rpc/ 		562 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=fd19278e-918a-4958-b72b-880844952999&bctempid=&overruleReferrer=&time=2023-08-18T13%3A04%3A00%2B08%3A00&ts=1692335040026
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
1688c3ca6b072079c18c4247337add064da97faee17a23ec3425bbe1efba5de4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
180
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
oJiHTEMp76p-4ufLreycnTb6jimoBVPYbVbBuM-JEkU7gOofUFoVTw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1071
a051.oregonlive.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=fd19278e-918a-4958-b72b-880844952999&bctempid=&overruleReferrer=&time=2023-08-18T13%3A04%3A00%2B08%3A00&ts=1692335040027
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
c93f5ea04ed8fed4aaccc962902a3b6b17b68aa591b65c590cc69c6ca48a8a30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
167
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
ZNi7quyxpsOIppi9e7ACLGDev14IhSTKzJYfr3FHRENt0LCA_d5ybQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1071
a051.oregonlive.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=fd19278e-918a-4958-b72b-880844952999&bctempid=&overruleReferrer=&time=2023-08-18T13%3A04%3A00%2B08%3A00&ts=1692335040052
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
ef990e970b20d0ee4d4b4496db200868a93c9f03470805ce14fd159a1385aec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
168
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
OwnFRJxIm-NzYTaaXwumeQC0OawHX33DtNGIGcQ5decb2T4O1u7Q0A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1071
a051.oregonlive.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=fd19278e-918a-4958-b72b-880844952999&bctempid=&overruleReferrer=&time=2023-08-18T13%3A04%3A00%2B08%3A00&ts=1692335040055
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
d33a0d6891aa41d5f9a32d71c5a6ced8a0b817a87ebcfc2c6a37223943bbe2b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
168
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
0pDS6-twTjMz6Ur-zs18Yr83KwoIj1YpVT9h2YwmH5cXkjp0ucVTRg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1071
a051.oregonlive.com/DG/DEFAULT/rest/rpc/ 		20 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=fd19278e-918a-4958-b72b-880844952999&bctempid=&overruleReferrer=&time=2023-08-18T13%3A04%3A00%2B08%3A00&ts=1692335040056
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
b4893d8c39500f7135b6a34250844d957452ff63d7cf6fbbd6f3afa858b6454e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4564
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
lNWfjYvRmXttdQf87lcA4ZZTLIsCNu3-PN8UV0abqsfavzbT7RL5rA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1442454486&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&dp=%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&ul=en-us&de=UTF-8&dt=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%20-%20oregonlive.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic&ea=segments&_u=aDDAAEABAAQCACgFKAC~&jid=&gjid=&cid=858605516.1692335035&tid=UA-16643585-5&_gid=1376214605.1692335038&gtm=45He38g0n81PJ8XJM8&cd1=undefined&cd2=1---&cd3=computers%20still%20down%20in%20oregon%20county%20hit%20by%20cyberattack&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=%40hp-top-stories&cd23=CINFM3HB25GGDPLVS5QIEHJCOQ&cd28=bamaap&cd29=undefined&cd30=cal&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=Defense%20and%20Cybersecurity&cd37=news&cd46=cal&cd47=desktop&cd50=Blueconic%20-%20event%20call&cd52=undefined&cd54=News&cd55=2020-01-30T00%3A07%3A33.935Z&cd56=2020-01-30T00%3A07%3A33.935Z&cd57=location%7Cperson%7Clocation&cd58=City%20Hall%7CGordon%20McCraw%7CTillamook%20County&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-c&cd99=undefined&cd100=4d9a01da34958f70238a20be8a904041&cd101=081c00a15d0180ed94e248888e4916d53938e9716699b50234e936fa923fae2a&cd102=undefined&cd103=undefined&cd61=858605516.1692335035&cd76=a0002&cd77=undefined&cd78=undefined&cd79=undefined&cd80=undefined&cd85=undefined&cd89=undefined&cd96=1&cm1=undefined&cm2=undefined&cm3=undefined&cm4=undefined&z=40058029
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 15:32:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48710
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1071
a051.oregonlive.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=fd19278e-918a-4958-b72b-880844952999&bctempid=&overruleReferrer=&time=2023-08-18T13%3A04%3A00%2B08%3A00&ts=1692335040067
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
b5ce50f9a3f94ce9b73fa9a01dc76f2ec8a2ac9c5d4dbaa50db0bcf6fdf21311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
167
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
XboGClureZBt3Odh7DSAilJvKe2Tu5K_RjLf0AJ_la978q5IGFJdRw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1071
a051.oregonlive.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=fd19278e-918a-4958-b72b-880844952999&bctempid=&overruleReferrer=&time=2023-08-18T13%3A04%3A00%2B08%3A00&ts=1692335040068
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
2cde01f5fc4501e4c4f2c58e784d5929a2572895e30ba2b6ae5d7cdcc21727e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
167
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
27xC_B4EgWNClT4Ezt3rFClS4FrpT0ZenAy77-Jub26tSBvrs82PIQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1071
a051.oregonlive.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=fd19278e-918a-4958-b72b-880844952999&bctempid=&overruleReferrer=&time=2023-08-18T13%3A04%3A00%2B08%3A00&ts=1692335040070
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
e4341ccc70b48e406963707f813f3d598e971029a27356fb0c5f55c3941f0bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
167
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
ZjWBR0HzsJSChTnwKEO3LiJf1SC8MY7pOD4jw4uV0VMl8suFhGx5pQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1071
a051.oregonlive.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=fd19278e-918a-4958-b72b-880844952999&bctempid=&overruleReferrer=&time=2023-08-18T13%3A04%3A00%2B08%3A00&ts=1692335040071
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
735dee2b2dfd8f5f809fddc1a5319d4bff8686e2661638d2da319d693732bc24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
167
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
MjrCZmjRg1cS7_w9Q__lFUPiD2tdQhTpe04zxv7c1ttNRKiOQ33hmQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1071
a051.oregonlive.com/DG/DEFAULT/rest/rpc/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=fd19278e-918a-4958-b72b-880844952999&bctempid=&overruleReferrer=&time=2023-08-18T13%3A04%3A00%2B08%3A00&ts=1692335040079
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
7e4c31f162892bc4786ca720fd465e5006849710cbef9e2d2aa41bd44d70c472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4798
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
jr90z0RS3afsIhChOpWP8evTGg90Sk1zA6YcUUEP6_GqTzRpdcz-Qg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_DFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1692335036306&de=439293034369&rx=818617337947&m=0&ar=2e6b325d-clean&iw=1138ff4&q=2&cb=0&cu=1692335036306&ll=2&lm=0&ln=0&em=0&en=0&d=1485972055%3A558359335%3A1720211575%3A138411207445&bo=343101415&bp=388286695&bd=undefined&zMoatAU=%2F344101295%2FOR%2Fwww.oregonlive.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Bottom&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=388286695&zMoatJS=-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&id=1&ii=4&dfp=0%2C1&la=388286695&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A3422%3A3422%3A0%3A3412&fs=42&na=1751059496&cs=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Aug 2023 05:04:01 GMT
i.png
trx-hub.com/i/m/ 		128 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdMmp5EOAVgBu1R5sSUNjjUKEI2AEwADFE2kQCMNv6UUrwQ1NBCALRCbAICmRiIKDiZuJkubiX+vDgQAJ6ZZlgQmQBGDZp1reniWgDWjhaUAiAU0NTw6ePQpqPgUHBIqOjY+KIkALoUmrw5AbA0dIogmp5yEOrsOoQgUeEAzJmRAByZcc8AKpEArISRACx-SKOcJxACcAC05spVJcIAJriAAMIBFJpDIAAhyWDyGMKxQxuAxAHlxpUMdVanUMU0IBj2hSuj0oP0MZkMRV3J4fH4AnMsFgFDcBRg4gA2MEPe7fAHRcHwABWBAo1B8tXUdVkpnYUnGQiEWHccx2exocEFpnoXjAOG0sH+cQA7BgwbBOThjYKpHFLRhrba1A7nWDPRgpOFTO6QCQgA
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-94.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 03:04:16 GMT
via
1.1 f2f73edfafc086543441bca742024226.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
39585
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
128
x-amz-cf-id
aMceqz9-mbhvsJGOWlKP6kQMWDVxyHl8VT3oRL0vmArNRTGl_z0xxQ==
mbox
vidanalytics.taboola.com/putes/ 		2 B
164 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vidanalytics.taboola.com/putes/mbox
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-cache-hits
0
date
Fri, 18 Aug 2023 05:04:01 GMT
via
1.1 varnish
x-backend-name
5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00102
server
nginx
x-timer
S1692335041.355202,VS0,VE221
x-cache
MISS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-served-by
cache-bfi-krnt7300100-BFI
activeview
pagead2.googlesyndication.com/pcs/ Frame 1D66 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1apfJjph6WbWTUeopdIXK0Rl-4fR1KD3E4ATzLlciNOiyR7n-gf9p9pCR8-gxemWGmAMPJrIkty1-6vgJOR-BxjQQRDP_k00MdnWZ5zH8lSD_-Mx4&sig=Cg0ArKJSzFaNibt7aP9ZEAE&id=lidar2&mcvt=1005&p=674,975,1274,1275&mtos=0,1005,1005,1005,1005&tos=0,1005,0,0,0&v=20230816&bin=7&avms=nio&bs=1600,1200&mc=0.88&vu=1&app=0&itpl=3&adk=3930182481&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692335037930&rpt=1460&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame B324
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CNfgEvfveZOzsDYyLssUPot-c-AjqqNqvcraH67HiEZjo5IeYFRABILfI00dgpYCAgJABoAHtwtm1AsgBCeACAKgDAcgDAqoE6gJP0AoSLgurB2PUAeyuvTELonKyPLvCup2ahDuNs4e5...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa4ca99c8ae68f21a0000000000000000%22,%222%22:%220x93703c8f2be0035e0000000000000000%22,%225%22:%220x815472...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa4ca99c8ae68f21a0000000000000000%22,%222%22:%220x93703c8f2be0035e0000000000000000%22,%225%22:%220x815472d132c9d7af0000000000000000%22},%22debug_key%22:%224469048895941089650%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22649486701%22],%224%22:[%2208-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223729397240287554513%22}&andc=true
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H3
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xa4ca99c8ae68f21a0000000000000000","2":"0x93703c8f2be0035e0000000000000000","5":"0x815472d132c9d7af0000000000000000"},"debug_key":"4469048895941089650","debug_reporting":true,"destination":"https://muscle-booster.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["649486701"],"4":["08-18"],"6":["true"]},"priority":"500","source_event_id":"3729397240287554513"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 18 Aug 2023 05:04:02 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 18 Aug 2023 05:04:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa4ca99c8ae68f21a0000000000000000","2":"0x93703c8f2be0035e0000000000000000","5":"0x815472d132c9d7af0000000000000000"},"debug_key":"4469048895941089650","debug_reporting":true,"destination":"https://muscle-booster.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["649486701"],"4":["08-18"],"6":["true"]},"priority":"500","source_event_id":"3729397240287554513"}&andc=true
access-control-allow-origin
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNfgEvfveZOzsDYyLssUPot-c-AjqqNqvcraH67HiEZjo5IeYFRABILfI00dgpYCAgJABoAHtwtm1AsgBCeACAKgDAcgDAqoE6gJP0AoSLgurB2PUAeyuvTELonKyPLvCup2ahDuNs4e5xg69mY9oKYo5Y2M-P_OlWsLul-Uc7xUvaabdDr4Epahf187xVZHDGKy4WZsu3titLBiaY8LDbFiTEbK3JhNZvjRhtB7DXfJ5-YwB0cSumBpc5Yih-HkQKKhnFgVWOWvFiMBHvlofuZqIpmvNOdmh-1OjcdS_BgRDP3q7TmGKOnIAoIHWmEqGp3jlV52ZuYwLdT1vwpfA1AKQpPRYsMZ1Un6us_SKpGqo05Ju0eRlRWBIWldb01JsGcmHYz8rL6V1Bu84bd0NaS-JK2xV9vlrADBldAhLHyblHWx_3nLyIWAbMgi7lEwa2Yp2B9vbExMermXsNTV9MNZ--E1cvuU3mQoPkO5zVVunig9nvt8GtRU5qayDd0s2qEjxswgN67j9BQ7k35RYK3J5PbLwp4G5vSAxZybg_bQQOqJHD9HBEdN7SM_kwEeEIXbvcMAE44HT9cwE4AQBkgUECAQYAZIFBAgFGASgBl2AB_u8psoBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqKIM0ggUCIBhEAEYHTICigI6AoBASL39wTqaCaoBaHR0cHM6Ly9tdXNjbGUtYm9vc3Rlci5pbz9icmFuY2gtbmFtZT1jaGFpciZ0ZXN0LW5hbWU9Z28xY2loJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJmNhbXBhaWduX2lkPTIwNDU0MTA2MjM4JmFkZ3JvdXBfaWQ9MTU4MDg2Nzc1MDExJmFkX2lkPTY2OTcyMjc3MTAwNCZ1dG1fdGVybT2ACgPICwHaDBAKChDg9dSazcS9_gcSAgED2BMN0BUBmBYBgBcBshceChwIABIUcHViLTY0MjIyMzE2NTE0OTMyNzgY35Ef&sigh=uNJfgdjtRoc&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWKuU_arY4FG9rlvI8qEaJRbdeBROJituB_QAaRAWtYadpm-PcvmSaXdiDC7b3qbTqH1LGnvw0jBgB&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 05:04:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1071
a051.oregonlive.com/DG/DEFAULT/rest/rpc/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a051.oregonlive.com/DG/DEFAULT/rest/rpc/1071?referer=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&bcsessionid=fd19278e-918a-4958-b72b-880844952999&bctempid=&overruleReferrer=&time=2023-08-18T13%3A04%3A00%2B08%3A00&ts=1692335040863
Requested by
Host: a051.oregonlive.com
URL: https://a051.oregonlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-112.sin5.r.cloudfront.net
Software
- /
Resource Hash
a1b7d071e72234d7479182d42e905ce27a8d372a4961d2f402974d4f58da7e81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4798
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
lRMmncTIHEZRPBqEdEXj13bSJ2LchcCe0er2a8uSAnuoNv--xYI2Iw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa4ca99c8ae68f21a0000000000000000%22,%222%22:%220x93703c8f2be0035e0000000000000000%22,%225%22:%220x815472d132c9d7af0000000000000000%22},%22debug_key%22:%224469048895941089650%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22649486701%22],%224%22:[%2208-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223729397240287554513%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 05:04:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
getuserdbdata
app.matheranalytics.com/u/ 		54 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.matheranalytics.com/u/getuserdbdata
Requested by
Host: js.matheranalytics.com
URL: https://js.matheranalytics.com/s/ma63527/484602609/all/ml.js?cb=1632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.255.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.255.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Aug 2023 05:04:01 GMT
via
1.1 google
content-type
text/plain
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
5-gc-use1-dhzl0114
execute
c2.piano.io/xbuilder/experience/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=aUOJ4c05bh
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.240.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e85b40ae2d4eab5be9eb53afdacfc84a9055c5f4bc7e5465a3e9eb156c55761
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
tuui2w6jwk
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.oregonlive.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7f879d1b3f4ea941-SYD
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=3&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F15405676982247968343&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5BhKjWfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-sISpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-eVpGhov6BziEcg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&id=1&ii=4&pl=0&f=0&j=&t=1692335036306&de=403739846066&rx=818617337947&cu=1692335036306&m=3410&ar=2e6b325d-clean&iw=1138ff4&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4405&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=88&vx=88%3A-%3A-&pe=1%3A3422%3A3422%3A0%3A3412&as=0&ag=20&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=88&pf=0&ib=1&cc=0&bw=20&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=40&cd=0&ah=40&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1485972055%3A558359335%3A1720211575%3A138411207715&bo=343101415&bp=388286695&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=388286695&dfp=0%2C1&la=388286695&zMoatAU=%2F344101295%2FOR%2Fwww.oregonlive.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=true&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=cc&ti=0&ih=2&tc=0&fs=42&na=1999925236&cs=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Aug 2023 05:04:01 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PWR1T65GXN&gtm=45je38g0&_p=1442454486&cid=858605516.1692335035&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dt=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack&dp=%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&dl=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&sid=1692335035&sct=1&seg=0&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PWR1T65GXN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E1DA 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=3&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F10945350616414006256&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5BhKjWfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-sISpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-eVpGhov6BziEcg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&id=1&ii=4&pl=0&f=0&j=&t=1692335036306&de=439293034369&rx=818617337947&cu=1692335036306&m=3416&ar=2e6b325d-clean&iw=1138ff4&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4405&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3422%3A3422%3A0%3A3412&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10&cd=0&ah=10&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1485972055%3A558359335%3A1720211575%3A138411207445&bo=343101415&bp=388286695&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=388286695&dfp=0%2C1&la=388286695&zMoatAU=%2F344101295%2FOR%2Fwww.oregonlive.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Bottom&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=2&tc=0&fs=42&na=102202133&cs=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Aug 2023 05:04:01 GMT
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/ 		447 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagINLINE_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aa56a655b6cb77a3c0035819033d02970bba3770850f506e8d61163098ab63a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-meta-mtime
1692176463
date
Fri, 18 Aug 2023 05:04:01 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
7XFYAF74582J7ZHZ
age
158522
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1692176476
x-amz-meta-mode
33188
content-length
85942
x-amz-id-2
qLHbR7fLjEd+VlC3cSVBOpxqmCafve8HOY3m+CT5CpKeEEilrLzLCI8LrvM1txG/JoGUGqTMWIQ=
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Wed, 16 Aug 2023 09:01:17 GMT
server
AmazonS3-br
x-timer
S1692335042.799422,VS0,VE0
etag
"4992e49389d98d37c3b5ca7742d2f7dd"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
20763
sync
ch-match.taboola.com/ Frame 45C7 		566 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagINLINE_INSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
959568437a1894bc414600b65e4a3e7f5971e3b5768f8b589650ae99caf8e658

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 18 Aug 2023 05:04:01 GMT
machineid
3805
server
nginx
loading2.png
vidstat.taboola.com/assets/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/loading2.png
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-meta-mtime
1498646328
date
Fri, 18 Aug 2023 05:04:01 GMT
via
1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
SEA73-P1
age
849374
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-length
24300
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Sun, 02 Jul 2017 14:25:04 GMT
server
AmazonS3
x-timer
S1692335042.823891,VS0,VE0
etag
"ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
an1ibIEs2AQOuFb-VxrNqmDC8Xi6DASXhuLVAZn01qeEYS37gb6kow==
x-cache-hits
43627
replay-button.svg
vidstat.taboola.com/assets/ 		1 KB
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/replay-button.svg
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:01 GMT
via
1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
SEA73-P1
age
677827
x-cache
Miss from cloudfront, HIT
content-length
701
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Wed, 13 Feb 2019 09:30:13 GMT
server
AmazonS3
x-timer
S1692335042.824395,VS0,VE0
etag
"e871e80b457ead7801d3bbe63b25c4fb"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
N8Q_VISAoVRXVBmsP1P0E0GM1Sf1Wr0lwOsVHYcBsZHxGunflxlk-g==
x-cache-hits
29568
replay-button-hover.svg
vidstat.taboola.com/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/replay-button-hover.svg
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:01 GMT
via
1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
SEA73-P1
age
935462
x-cache
Hit from cloudfront, HIT
content-length
709
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Wed, 13 Feb 2019 09:30:13 GMT
server
AmazonS3
x-timer
S1692335042.824562,VS0,VE0
etag
"ae0344bce724db935e4f7ba6573ee516"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
lwD2ZC0wdNGpd5JBWuBUCPApZMi-lGOXhtYLbnrP_SMis_Gv6EuJ6g==
x-cache-hits
42144
learn-more-button.svg
vidstat.taboola.com/assets/ 		2 KB
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/learn-more-button.svg
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:01 GMT
via
1.1 0d5efb0576b3c35a58ca71a83003f34a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
YVR50-C1
age
1285048
x-cache
Miss from cloudfront, HIT
content-length
634
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Wed, 13 Feb 2019 09:30:12 GMT
server
AmazonS3
x-timer
S1692335042.824558,VS0,VE0
etag
"3132e8c3bdd274efa7ce1531ec89580d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
93rCfUqImY-rUkyeaXK0WRS7hgIEhxkf8UtgO9ZJUbDF9BWXgJNzcA==
x-cache-hits
62649
learn-more-button-hover.svg
vidstat.taboola.com/assets/ 		2 KB
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:01 GMT
via
1.1 39688168a2a3353be1f3c9378d12d89f.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
SEA19-C2
age
330948
x-cache
Hit from cloudfront, HIT
content-length
660
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Wed, 13 Feb 2019 09:30:11 GMT
server
AmazonS3
x-timer
S1692335042.876434,VS0,VE0
etag
"b14888c73642ebc29c1451727eb1eb8a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
60eVOAFUSA4nwUw-T-M8llMIteHgPadrb_-_ZciVVOdG_txqbXSXCQ==
x-cache-hits
18895
c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 05:04:01 GMT
x-amz-request-id
N8EM5PT4WQC5D7YA
age
43
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1502
x-amz-id-2
Gt9jRiqxkBUre+mqd1v/bUo3f1lvVzQ7r0NFXwodCgTVxbTovN2U5BV06Mz6vEWPs+BdfxhfUVQ=
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Sun, 10 Jun 2018 13:23:55 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692335042.826561,VS0,VE0
etag
"11d8569a7da0739259e3ac0b0d666e94"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
39
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
5
debug
ch-trc-events.taboola.com/advance-oregon/log/2/ 		0
131 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/advance-oregon/log/2/debug?type=warn&msg=TRC.mark%20-%20trying%20to%20stop%20measurement%20that%20was%20not%20started%20videoInitToRenderundefinedStop&lt=trecs-networks-panel_var&tvi2=10685&tim=13%3A04%3A01.691&id=22580&cv=20230808-32-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.oregonlive.com
date
Fri, 18 Aug 2023 05:04:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
284769
blackScreen60.mp4
vidstatb.taboola.com/vid/ 		69 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen60.mp4
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790439
date
Fri, 18 Aug 2023 05:04:01 GMT
via
1.1 bb568be725e8f0bfefe1fb7412e5804a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
YVR50-C1
age
1972214
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-70425/70426
x-amz-meta-mode
33188
Content-Length
70426
x-served-by
cache-bfi-krnt7300100-BFI
last-modified
Sun, 02 Jul 2017 20:41:01 GMT
server
AmazonS3
x-timer
S1692335042.897386,VS0,VE0
etag
"4c56565b3f2f41c2c52ae4e6177ece38"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
5fgmV6-d6cr6gIBDjG6XeNrUnAPUcHK8wZLzjjNj0-FlZIAgTD6PcQ==
x-cache-hits
14476
activeview
pagead2.googlesyndication.com/pcs/ Frame B324 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4z8CirO7xjqThtoBafxxmoXMUfvY_bNqPYMfNVTN8w-HAcAl6y9WkHAzye9peuSttF1SaBZwM9HvROTb0McNp7uLBrWrBRqN44dAwTN6fZcpreL6nKtb2w9Sg6l8C8F0SGxe7GFX-lA&sai=AMfl-YQ5W2rB--DXx_DZGjOEbfV5sZ3gRILq9NwWBgGH4chXVZ3wpXlBJyFZ7MaYJqLG0SCCgkANe1lP8E34SW6WP_CkRZt4cBLSYhwUXR0FPCmydnxR7VlWnNqCxv5j&sig=Cg0ArKJSzPMWmcaLqwvcEAE&cid=CAQSPABpAlJWKuU_arY4FG9rlvI8qEaJRbdeBROJituB_QAaRAWtYadpm-PcvmSaXdiDC7b3qbTqH1LGnvw0jBgB&id=lidar2&mcvt=1044&p=109,315,359,1285&mtos=1044,1044,1044,1044,1044&tos=1044,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=866199041&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692335037920&rpt=2772&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ud&error=uid%2Fmuid%2Fduid%20not%20found&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=b5700fbe-6724-4e83-a7b2-6cf8e0d58ce4&pid=2b7b519d-69c5-45d2-8bdf-46edd53e7601&dtm=1692335041791&qnm=_matherq&visible=1&tabid=fd0d1b87-55d2-4e6c-b769-4d65b98d23b8&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&vp=1600x1200&ds=1600x4405&tofa=1692335037&vid=1&lvidt=1692335037&duid=b6882e90c4294ffd&fp=757936674&cid=ma63527&mrk=484602609&cx=eyJ1c2VyREIiOnsic2VnbWVudHMiOltdLCJtZXRlckRhdGEiOnsibWV0ZXJUaHJlc2hvbGQiOiIwIiwicmVzZXRNZXRlciI6IjAifSwicGFnZVZpZXdzIjoiMiIsInVzZXJEQkZldGNoIjoiMSIsImVyciI6InVpZC9tdWlkL2R1aWQgbm90IGZvdW5kIiwibmV4dFVwZGF0ZSI6IjE4MDAwMDAiLCJuZXh0VXBkYXRlVFMiOiIxNjkyMzM2ODQxMjI1In19
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.184.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-184-108.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 18 Aug 2023 05:04:01 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=3&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5BhKjWfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-sISpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-eVpGhov6BziEcg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&id=1&ii=4&pl=0&f=0&j=&t=1692335036306&de=403739846066&rx=818617337947&cu=1692335036306&m=4395&ar=2e6b325d-clean&iw=1138ff4&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4405&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=88&vx=88%3A-%3A-&pe=1%3A3422%3A3422%3A0%3A3412&as=1&ag=1009&an=20&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1009&kw=826&aj=1&pg=88&pf=88&ib=1&cc=1&bw=1009&bx=20&ci=1009&jz=826&dj=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=826&cd=40&ah=826&am=40&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1485972055%3A558359335%3A1720211575%3A138411207715&bo=343101415&bp=388286695&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=388286695&dfp=0%2C1&la=388286695&zMoatAU=%2F344101295%2FOR%2Fwww.oregonlive.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=true&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=cc&ti=0&ih=2&tc=0&fs=42&na=2069392606&cs=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Aug 2023 05:04:02 GMT
vast.xml
video-ads.rubiconproject.com/video/16698/144084/1761832/203/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/16698/144084/1761832/203/vast.xml?rf=https%3A%2F%2Fwww.oregonlive.com&gdpr=0&p_aso.video.maxduration=60&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.190.68 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-190-68.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
99f0ad92fcdab1d2820c5e230e10d85252191371102b0d6e50d36ed300d3aaaf

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:02 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.oregonlive.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
927
Expires
Fri, 18 Aug 2023 05:04:02 GMT
9507649
ads.stickyadstv.com/vast/vpaid-adapter/ 		795 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/9507649?_fw_gdpr=0&schain=1.0,1!taboola.com,1031853,1,-123023743&_fw_us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.177 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-177.pacnet.net
Software
nginx /
Resource Hash
a5ec5adf72c74f642a5177202ef1d351e246230382245ad88825430e6b20cedd

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:02 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.oregonlive.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
795
x-sticky-vk
1692335042819017-50
Expires
Fri, 18 Aug 2023 05:04:02 GMT
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 45C7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-3MNfTbtE2oRhvMwQ4.XNwLMg88Y2fps.uh0YgQ--~A
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-3MNfTbtE2oRhvMwQ4.XNwLMg88Y2fps.uh0YgQ--~A
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
190717

Redirect headers

date
Fri, 18 Aug 2023 05:04:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-3MNfTbtE2oRhvMwQ4.XNwLMg88Y2fps.uh0YgQ--~A
content-length
0
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 45C7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-a7IooBNE2uG9uTacXETc27lu1XVN7cu6~A&gdpr_in_effect=0
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-a7IooBNE2uG9uTacXETc27lu1XVN7cu6~A&gdpr_in_effect=0
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
190717

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-a7IooBNE2uG9uTacXETc27lu1XVN7cu6~A&gdpr_in_effect=0
date
Fri, 18 Aug 2023 05:04:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.html
eus.rubiconproject.com/ Frame 046E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.138.68 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-138-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ch-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 05:04:02 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		0
0
prebid
id5-sync.com/api/config/ 		135 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oregonlive.com
date
Fri, 18 Aug 2023 05:04:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
3725
idx.liadm.com/idex/prebid/ 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/3725?duid=4ba582fb2221--01h83gen8xktc15tdqmhqd5kny&resolve=nonId
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.99.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-99-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oregonlive.com
date
Fri, 18 Aug 2023 05:04:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
282911405fdcb935
vary
Origin
request-time
1
envelope
api.rlcdn.com/api/identity/ 		0
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.oregonlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
ixmatch.html
js-sec.indexww.com/um/ Frame 40C2 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
182
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7f879d1ebbaa6a6c-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 05:04:02 GMT
expires
Fri, 18 Aug 2023 09:04:02 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame F414 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5c81a7b937e08efd7a2e132ddd1fa10c4bb58dcb007f4fe2057ced072b4565e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
12110
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 05:04:03 GMT
expires
Sun, 20 Aug 2023 05:04:03 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 80A2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=27225
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 05:04:02 GMT
expires
Fri, 18 Aug 2023 12:37:47 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6FA4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gpp=DBABLA~BVQqAAAACgA.QA&gpp_sid=7
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.138.68 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-138-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 05:04:02 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
trc.taboola.com/sg/prebidJS/1/ 		43 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/prebidJS/1/cm?gpp=%5Bobject%20Object%5D
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
114
date
Fri, 18 Aug 2023 05:04:02 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
48228
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-bfi-krnt7300100-BFI
pragma
no-cache
server
nginx
x-timer
S1692335042.230699,VS0,VE114
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		585 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=aUOJ4c05bh
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.183.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28c0e9315f065aa2c5e5be720a9f82a6857298b3cb087ab5ef21357a90536629
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mq2mkzrqQ7E
pragma
no-cache
wn
prod-dash-10-0-142-83
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.003
cache-control
no-cache, no-store, must-revalidate
cf-ray
7f879d20bcbfa8b9-SYD
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 4A7A 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.182.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8528e02fda02ad87cc57314ab89b129461491c72d6bd420b203a682e77d16508
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
EXPIRED
cf-ray
7f879d1daf59551b-SYD
content-encoding
br
content-type
text/html;charset=UTF-8
date
Fri, 18 Aug 2023 05:04:02 GMT
expires
Fri, 18 Aug 2023 05:19:02 GMT
last-modified
Fri, 18 Aug 2023 04:37:37 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-83-105
x-forwarded-https
on
x-request-id
Mq2mkzrgmWW
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 18 Aug 2023 05:04:02 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 22F7 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 18 Aug 2023 05:04:02 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 22F7 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 18 Aug 2023 05:04:02 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 22F7 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 18 Aug 2023 05:04:02 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 22F7 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.k9_XO8nUOPY.es5.O/am=AMBs/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5DsgSGoSejK8CkHBPODqaADm3Z1Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%20-%20oregonlive.com&metered=1%7C7&metername=Support%20Meter&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=9daf3e3d-1afe-470c-9a67-06ee37eb6727&pid=2b7b519d-69c5-45d2-8bdf-46edd53e7601&dtm=1692335042140&qnm=_matherq&visible=1&tabid=fd0d1b87-55d2-4e6c-b769-4d65b98d23b8&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&vp=1600x1200&ds=1600x4405&tofa=1692335037&vid=1&lvidt=1692335037&duid=b6882e90c4294ffd&fp=757936674&cid=ma63527&mrk=484602609&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UUk1VQjRDVFJYNCIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic2hvd1RlbXBsYXRlVk01WEJJOTVTT1RZODUiLCJleHBlcmllbmNlSWQiOiJFWDBSSFdMV1VMM0giLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiODU4NjA1NTE2IiwicmVmVGltZSI6IjE2OTIzMzUwNDIxMzgifSx7InR5cGUiOiJzcCIsImlkIjoiNDFlNjRhZTktZGRkMC00M2Q0LTg1MTgtNjA2YTNjNjAxMTMxLjE2OTIzMzUwMzguMS4xNjkyMzM1MDM4LjE2OTIzMzUwMzguNDVjYjRiNGEtOTQyNy00ZGRlLThlMWEtNzQwMTgwNzEzZTkzIiwicmVmVGltZSI6IjE2OTIzMzUwNDIxMzkifV19
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.184.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-184-108.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 18 Aug 2023 05:04:02 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 046E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.138.68 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-138-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4dc6984751d8119c3e1f269a2e135838c9b4a56f3fd77bb9e8a6805ab0bf817

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 05:04:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Aug 2023 23:27:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66161
Connection
keep-alive
Content-Length
10115
Expires
Fri, 18 Aug 2023 23:26:43 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 80A2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13985239&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3ed7e4e5f2f685a1357978a36fa8c08d093af6d741757d0e419cc7c553c8668

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Aug 2023 05:04:02 GMT
content-length
1888
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame E1DA 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2342713&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9c7e1a4a30f544ac8e5d083f9b9e56d1622186b246bb92bc00d05f0440fc2e47

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Aug 2023 05:04:02 GMT
content-length
1345
content-type
text/html; charset=UTF-8
usermatch
ssum-sec.casalemedia.com/ Frame 587B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A...
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
4a248eb901ca3fd75fdecde541e943663591b4c373d9c085883430cd914b2a4b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
text/html
Date
Fri, 18 Aug 2023 05:04:03 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Fri, 18 Aug 2023 05:04:02 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%20-%20oregonlive.com&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=4ebabbbc-5f6b-4c1f-9cda-519166c514c6&pid=2b7b519d-69c5-45d2-8bdf-46edd53e7601&dtm=1692335042146&qnm=_matherq&visible=1&tabid=fd0d1b87-55d2-4e6c-b769-4d65b98d23b8&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&vp=1600x1200&ds=1600x4405&tofa=1692335037&vid=1&lvidt=1692335037&duid=b6882e90c4294ffd&fp=757936674&cid=ma63527&mrk=484602609&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UUk1VQjRDVFJYNCIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic2hvd1RlbXBsYXRlVk01WEJJOTVTT1RZODUiLCJleHBlcmllbmNlSWQiOiJFWDBSSFdMV1VMM0giLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiODU4NjA1NTE2IiwicmVmVGltZSI6IjE2OTIzMzUwNDIxNDUifSx7InR5cGUiOiJzcCIsImlkIjoiNDFlNjRhZTktZGRkMC00M2Q0LTg1MTgtNjA2YTNjNjAxMTMxLjE2OTIzMzUwMzguMS4xNjkyMzM1MDM4LjE2OTIzMzUwMzguNDVjYjRiNGEtOTQyNy00ZGRlLThlMWEtNzQwMTgwNzEzZTkzIiwicmVmVGltZSI6IjE2OTIzMzUwNDIxNDUifV19
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.184.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-184-108.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 18 Aug 2023 05:04:02 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 4A7A 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.182.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
80
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 14 Aug 2023 01:56:50 GMT
wn
prod-dash-10-0-116-166
server
cloudflare
etag
W/"26850-1691978210000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
7f879d1fc928551b-SYD
expires
Fri, 18 Aug 2023 07:04:02 GMT
piano-frame.css
static.advance.net/static/common/css/ Frame 4A7A 		144 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/css/piano-frame.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
daeb21ce50aef0be3424a0b4be2873711521508279e8491676358ee2649136ac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
N6KCGXBE792ZBQ05
age
593
x-cache
HIT, HIT
x-host
static.advance.net
content-length
23137
x-served-by
cache-iad-kcgs7200076-IAD, cache-bfi-krnt7300055-BFI
last-modified
Thu, 10 Aug 2023 14:10:28 GMT
x-timer
S1692335043.089774,VS0,VE0
etag
"2f63bd720604fcb19405f2cc4c8ae571"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 4A7A 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8056442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUGad6l%2BQqvokIVWvM1cZFt9711IwkVpXLRRlGFr7uqWx9Dxa8dr9aJWgFq5bS5hFdBI4%2FqYgq1rQ5moIYZ05epDqs%2FHn6TGI3mx2Q5jgSk62j4b6I3bYb1sJq1R904klyJHXWHn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f879d22db23a88c-SYD
expires
Wed, 07 Aug 2024 05:04:03 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 4A7A 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8761308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BtToL%2Bx1ZmoZICyLjzdhioaC7ualHX2xWrMoYokHGDjreghJ3OesaI1BKT%2F1VUvsgui508QEaGKOEOjKgsZvZtY4r5JgSZYjfEkwroqzqX8M58xWcQHnnNaLWqbSxMJt1LSMgyy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f879d22db25a88c-SYD
expires
Wed, 07 Aug 2024 05:04:03 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 4A7A 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3570891
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Al6lPI5byBvvQg2qikHl7sOet%2BvuI4yr555lmLR2PzTFgAlbzrpVDlfYPBunjgb61pOHv5JHaxm5WJWxsPdpcA4HUysVkppWPeUYdssP%2Bvo9HiZi7B%2F93MWzWrCSx6t4Egv2mKP5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f879d22db26a88c-SYD
expires
Wed, 07 Aug 2024 05:04:03 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 4A7A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
910002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Thu, 22 Jun 2023 10:45:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942631-f8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxdOngrqb9nltsmXew3EfKX8juifaFW7cSWs4EvDJFsQGtbyxrPaBnp0EPoDNj2GIe0HXQS3FGQzXBUvn5N26aeGmDfO9RDgdrZyYp7cfpeTmtYobXt3MbPkj%2BTFTbL6vnS1cmEP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f879d22db27a88c-SYD
expires
Wed, 07 Aug 2024 05:04:03 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 4A7A 		825 B
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4845549
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUINdn5AtpTK0wf294CP67G6G2p8pvt7YCk869hv5sO5oKdr7JGBK3a%2BQ7tBvpcnoX%2FT%2Fy0fgj%2Bb4%2FMH0KcqswEesIvMHuyTHwnl57hq7588hz89cisIi%2F580Osx78S0r%2FcNHwRI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f879d22db28a88c-SYD
expires
Wed, 07 Aug 2024 05:04:03 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 4A7A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
825914
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2160
last-modified
Thu, 22 Jun 2023 10:45:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942631-870"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JW9CaSLw3tfSkaOEWYjuK%2F2oNhX50JWX82phlycu5Nu%2BamsEoOeJUurw3Pta3Ve3ShkekCK3rQ8DrqIGqClV6%2Brxk5sINKaBBffGjxdPF3ZzGHwydxmiFw01klncf%2BesSb9T2TM%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f879d22db2aa88c-SYD
expires
Wed, 07 Aug 2024 05:04:03 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 4A7A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1854045
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
956
last-modified
Thu, 22 Jun 2023 10:44:55 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942627-3bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2CC67fQ7nQSyd3IBUvDDQFIxeZnGnN3%2FA%2BDW546KN7bQvh5OKt9Z4pwIijUjo%2FMsZkYe%2Fe3OSI1rdfQ5MicSxNbhoWxWW9bfQhVQdHF5SKwptL%2FbG%2F6iCV6eEtRqmkTpi7hbo%2BJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f879d22db2ba88c-SYD
expires
Wed, 07 Aug 2024 05:04:03 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 4A7A 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6852493
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoX%2F2gdZIAEuUHIUFW0ZBOybb32CJVrlw4mjoUjdPwB3Pz6hLbbc1FvJURdc%2BXrI5wWG1Pi7AgMb9EcttvYjD00jHonoypTdbl63h%2FjJpmucd%2BTV6u5LzBsftOK0FMPIJBYPV20C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f879d236bdaa88c-SYD
expires
Wed, 07 Aug 2024 05:04:03 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 4A7A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9716463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBaGTICDmOggz0lXPHFX95u8cTt1HQCvlVkpMWApGCOgtAzSXOw4wdrPS2UI%2FZjnEew2gstEObWkUyrWLJ7xzmXO5gx7iaIxGugjVJAQCpJWGVGIqEKsVO1Jm33dNZazA9anrdIb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f879d236bd9a88c-SYD
expires
Wed, 07 Aug 2024 05:04:03 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 4A7A 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
124010
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6935
last-modified
Thu, 22 Jun 2023 10:45:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494262f-1b17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9w8fpCi1Snho59mHG%2BohlZ9OlQSJSmHI%2BNdKcngCil6KIzliJq7Kl0X4jS6ahSiEny2rmy1fKgD3v1G1k%2FS3gcW8oeF%2BxWQ09hQBL96SwjlpW%2BD63kFm25%2Bc5%2FfPycel2xWyRHE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f879d22db2da88c-SYD
expires
Wed, 07 Aug 2024 05:04:03 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 4A7A 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.247.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.182.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6dc0f5dee2a67da2df69cadfd63e71250d0112515dc45213917f6ae66293b25
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
22
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 16 Aug 2023 13:23:18 GMT
wn
prod-dash-10-0-136-21
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=604778
cf-ray
7f879d1fc92b551b-SYD
expires
Fri, 25 Aug 2023 05:03:40 GMT
close-icon-white.svg
static.advance.net/static/common/img/piano/ Frame 4A7A 		1 KB
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/close-icon-white.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6ff6cf159d19b9bbe64d44941f6f49ef7fa23656d723acac0eb88070e810d5e4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
BGXCCNPHV22R80GH
age
900
x-cache
HIT, HIT
x-host
static.advance.net
content-length
610
x-served-by
cache-iad-kjyo7100175-IAD, cache-bfi-krnt7300055-BFI
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1692335043.294196,VS0,VE0
etag
"404b790d9175ce8af75799ca9572d3cd"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-oregonlive-inverse.svg
static.advance.net/static/common/img/paywall/lmg/ Frame 4A7A 		1 KB
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/paywall/lmg/logo-oregonlive-inverse.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b230ec1c2023e587cb759104d9173050e4d35fade4afb59993bff57cba41a6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
46X0EVX2JJBQ1PD0
age
2201
x-cache
HIT, HIT
x-host
static.advance.net
content-length
746
x-served-by
cache-iad-kjyo7100057-IAD, cache-bfi-krnt7300055-BFI
last-modified
Mon, 27 Jan 2020 15:36:54 GMT
x-timer
S1692335043.406415,VS0,VE2
etag
"346292dcd8afe46e74cc357e2be559e7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-oregonlive.svg
static.advance.net/static/common/img/paywall/lmg/ Frame 4A7A 		1 KB
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/paywall/lmg/logo-oregonlive.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1e32ebab2bdf5ce44bbafbc57e6788f5eb0c9ae6b0d499f5038bfa8147a3c51

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
VBKWPCNPQ96QC7VB
age
4654
x-cache
HIT, HIT
x-host
static.advance.net
content-length
746
x-served-by
cache-iad-kiad7000024-IAD, cache-bfi-krnt7300055-BFI
last-modified
Mon, 27 Jan 2020 15:36:54 GMT
x-timer
S1692335043.432458,VS0,VE0
etag
"c49149634ed4f8a4fc059bfa63e29957"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cannabisinsider-nj.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 4A7A 		19 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/cannabisinsider-nj.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6066054d8669e8ca3c9a1ca53af6b3e80dba9361b59f023c82d7b55542b36fb0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
TB0Y6VHM4JRHTPH1
age
4785
x-cache
HIT, HIT
x-host
static.advance.net
content-length
14248
x-served-by
cache-iad-kiad7000030-IAD, cache-bfi-krnt7300055-BFI
last-modified
Thu, 03 Mar 2022 17:31:43 GMT
x-timer
S1692335043.432444,VS0,VE0
etag
"aefa848511ed2323f5f7292cad413d91"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cannabisinsider-newyorkupstate.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 4A7A 		16 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/cannabisinsider-newyorkupstate.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3b2ce9e63a7f14001e6af32ad0d3b19b045b916cf8073180d25688e4b3f49e40

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
FS902SY5F79MRH1B
age
14368
x-cache
HIT, HIT
x-host
static.advance.net
content-length
3492
x-served-by
cache-iad-kcgs7200121-IAD, cache-bfi-krnt7300055-BFI
last-modified
Mon, 07 Mar 2022 18:18:54 GMT
x-timer
S1692335043.432444,VS0,VE0
etag
"67c5456929bc3d85c2333fc91a450c71"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
syracuse-cny.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 4A7A 		64 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/syracuse-cny.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
924e4b297681729162fa238a756db89acf5a1dc0cd23c1204c9a4e4407493822

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
3F7PYAJDYS7W3G3P
age
13440
x-cache
HIT, HIT
x-host
static.advance.net
content-length
48413
x-served-by
cache-iad-kiad7000094-IAD, cache-bfi-krnt7300055-BFI
last-modified
Tue, 04 Jan 2022 20:10:53 GMT
x-timer
S1692335043.432423,VS0,VE0
etag
"30947d9aefcf59c3095181bf0123a29f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
al-thelede.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 4A7A 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/al-thelede.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30e382a9546c4b436b0568f463e7c3274696c3c59f7aa871af91a33a967f05c4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
EBAHXZWEXVBJW871
age
16126
x-cache
HIT, HIT
x-host
static.advance.net
content-length
2079
x-served-by
cache-iad-kjyo7100029-IAD, cache-bfi-krnt7300055-BFI
last-modified
Tue, 24 May 2022 18:14:31 GMT
x-timer
S1692335043.432404,VS0,VE0
etag
"1527b5427a70175541ef142224302fa8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-lede_bhm-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 4A7A 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_bhm-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c0b487552a9a2ea102ed22ae505177c567320390f5136bcef5dd56d48d4f02

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
3VTZWC38PDNKM6QC
age
1354
x-cache
HIT, HIT
x-host
static.advance.net
content-length
44631
x-served-by
cache-iad-kiad7000053-IAD, cache-bfi-krnt7300055-BFI
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1692335043.432382,VS0,VE0
etag
"a683a2407cd20aa2076aed1087f11b61"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
logo-lede_hsv-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 4A7A 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_hsv-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c1a3cf6c5fae33a0a2b627a9785b585148970346adbbcc204a4519d05f9a089

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
ZQST5DX8XNA2CQCM
age
21820
x-cache
HIT, HIT
x-host
static.advance.net
content-length
42755
x-served-by
cache-iad-kjyo7100080-IAD, cache-bfi-krnt7300055-BFI
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1692335043.432371,VS0,VE0
etag
"1dc34579a74c449327a76697d00bb180"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
logo-lede_mob-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 4A7A 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_mob-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2b28582d25b3aa38daf12c501c7abc9297ae74d035ee343941f0938adec0524

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
THSS8Z1X4TWHJWFB
age
5117
x-cache
HIT, HIT
x-host
static.advance.net
content-length
42953
x-served-by
cache-iad-kiad7000082-IAD, cache-bfi-krnt7300055-BFI
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1692335044.536908,VS0,VE0
etag
"563af4d5a587fe270e3c6e43be6f32ec"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
penn-truecrime.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 4A7A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/penn-truecrime.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d86ce55edee7f570d7fc315f84814e3b1171edef20e3778e10066727092638b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
7Y3G0QCFXFQ6BCQJ
age
33365
x-cache
HIT, HIT
x-host
static.advance.net
content-length
7289
x-served-by
cache-iad-kcgs7200048-IAD, cache-bfi-krnt7300055-BFI
last-modified
Tue, 05 Jul 2022 18:14:11 GMT
x-timer
S1692335044.536886,VS0,VE0
etag
"b3623ac64851022e99375a518b7bb87c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
close-icon-black.svg
static.advance.net/static/common/img/piano/ Frame 4A7A 		1 KB
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/close-icon-black.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=aUOJ4c05bh&templateId=OTRMUB4CTRX4&templateVariantId=OTV7NW69OI407&offerId=fakeOfferId&experienceId=EX0RHWLWUL3H&iframeId=offer_26ee15f2dc8a2a38fbf2-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.oregonlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
PJJGA1AFC3HNTMBP
age
6152
x-cache
HIT, HIT
x-host
static.advance.net
content-length
610
x-served-by
cache-iad-kjyo7100168-IAD, cache-bfi-krnt7300055-BFI
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1692335044.536885,VS0,VE0
etag
"35ec888ec074218ee36fea53d51653a8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 6FA4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gpp=DBABLA~BVQqAAAACgA.QA&gpp_sid=7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.138.68 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-138-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4dc6984751d8119c3e1f269a2e135838c9b4a56f3fd77bb9e8a6805ab0bf817

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gpp=DBABLA~BVQqAAAACgA.QA&gpp_sid=7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 05:04:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Aug 2023 23:27:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66161
Connection
keep-alive
Content-Length
10115
Expires
Fri, 18 Aug 2023 23:26:43 GMT
match
c1.adform.net/serving/cookie/ Frame 3096
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 18 Aug 2023 05:04:03 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 18 Aug 2023 05:04:03 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 6D63
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1T_KpYVpzfPOPpqm1T2DooE_zPXOMp2kgDIqp5Jr
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1T_KpYVpzfPOPpqm1T2DooE_zPXOMp2kgDIqp5Jr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 18 Aug 2023 05:04:03 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1T_KpYVpzfPOPpqm1T2DooE_zPXOMp2kgDIqp5Jr
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 30AD
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=118o1bwn7gl9
1 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=118o1bwn7gl9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 05:04:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Fri, 18 Aug 2023 05:04:03 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=118o1bwn7gl9
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame B7F2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7863576873242556398&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7863576873242556398&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
e801eaa3-7aa5-4c74-bda7-33427ab81c24
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 05:04:02 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7863576873242556398&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
66.203.112.161; 66.203.112.161; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4914
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 05:04:02 GMT
expires
Fri, 18 Aug 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
775691
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame B5B5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN77wwAAAPAQywBV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 18 Aug 2023 05:04:03 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-kbfi7400085-BFI
x-timer
S1692335043.464769,VS0,VE71

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 18 Aug 2023 05:04:03 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN77wwAAAPAQywBV
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-kbfi7400085-BFI
x-timer
S1692335043.163116,VS0,VE70
Pug
simage2.pubmatic.com/AdServer/ Frame D23C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
42 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 18 Aug 2023 05:04:02 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 1041
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=afej6twsv6tr
42 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=afej6twsv6tr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Fri, 18 Aug 2023 05:04:03 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=afej6twsv6tr
lws
20
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
458249.gif
idsync.rlcdn.com/ Frame 80A2
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=551EE106-756F-4E51-B29D-5D3D95B38A23
  • https://pippio.com/api/sync?pid=5324&it=1&iv=92678aca106c222dfaade70d089ca5dde1281feb3daece9ca445e3b61ace0fcf791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5MjY3OGFjYTEwNmMyMjJkZmFhZGU3MGQwODljYTVkZGUxMjgxZmViM2RhZWNlOWNhNDQ1ZTNiNjFhY2UwZmNmNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5MjY3OGFjYTEwNmMyMjJkZmFhZGU3MGQwODljYTVkZGUxMjgxZmViM2RhZWNlOWNhNDQ1ZTNiNjFhY2UwZmNmNzkxNDI2YjU0MTdkY2UyMRAAGgwIw_f7pgYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=a0a6e585-e542-4f7b-8599-bf6bda753f75
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=a0a6e585-e542-4f7b-8599-bf6bda753f75
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:04 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=a0a6e585-e542-4f7b-8599-bf6bda753f75
date
Fri, 18 Aug 2023 05:04:04 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 80A2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=551EE106-756F-4E51-B29D-5D3D95B38A23&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.vX.eVhE2uXlC3h2y_4mvHjMfO22y5Q-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.vX.eVhE2uXlC3h2y_4mvHjMfO22y5Q-~A&gdpr=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.vX.eVhE2uXlC3h2y_4mvHjMfO22y5Q-~A&gdpr=0
date
Fri, 18 Aug 2023 05:04:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 80A2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3129732796144541368
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3129732796144541368
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3129732796144541368
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 80A2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3716523809623638564&gdpr=0&gdpr_consent=&us_privacy=
1 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3716523809623638564&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 05:04:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3716523809623638564&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 18 Aug 2023 05:04:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
match
c1.adform.net/serving/cookie/ Frame F6B9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 18 Aug 2023 05:04:03 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 18 Aug 2023 05:04:03 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
396846.gif
idsync.rlcdn.com/ Frame E1DA
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=551EE106-756F-4E51-B29D-5D3D95B38A23
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=5045b17f-3fb7-4c24-8c2c-f7ea349b04c7
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=5045b17f-3fb7-4c24-8c2c-f7ea349b04c7
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 18 Aug 2023 05:04:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=5045b17f-3fb7-4c24-8c2c-f7ea349b04c7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 9CCB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MgzvSGJa6B4pDb9LMAymHDNb6hspXelOMQHlTC5E
42 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MgzvSGJa6B4pDb9LMAymHDNb6hspXelOMQHlTC5E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 18 Aug 2023 05:04:03 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MgzvSGJa6B4pDb9LMAymHDNb6hspXelOMQHlTC5E
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 73DA
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=118o1bwworz4
1 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=118o1bwworz4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 05:04:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Fri, 18 Aug 2023 05:04:03 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=118o1bwworz4
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4F39
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7863576873242556398&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7863576873242556398&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
0e8717f2-36fa-4413-9b4c-e5ea723e1cb1
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 05:04:02 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7863576873242556398&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
66.203.112.161; 66.203.112.161; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1D55
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 05:04:02 GMT
expires
Fri, 18 Aug 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
642405
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
SPug
image4.pubmatic.com/AdServer/ Frame E1DA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=551EE106-756F-4E51-B29D-5D3D95B38A23&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.vX.eVhE2uXlC3h2y_4mvHjMfO22y5Q-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.vX.eVhE2uXlC3h2y_4mvHjMfO22y5Q-~A&gdpr=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.vX.eVhE2uXlC3h2y_4mvHjMfO22y5Q-~A&gdpr=0
date
Fri, 18 Aug 2023 05:04:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame ED94
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN77wwAJZreGIgAN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 18 Aug 2023 05:04:03 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-kbfi7400085-BFI
x-timer
S1692335043.466497,VS0,VE70

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 18 Aug 2023 05:04:03 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN77wwAJZreGIgAN
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-kbfi7400085-BFI
x-timer
S1692335043.163100,VS0,VE71
ecm3
s.amazon-adsystem.com/ Frame 1C03 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID551EE106-756F-4E51-B29D-5D3D95B38A23
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 05:04:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CVSVWB2E6N4M4CH5M8TK
bridge-31050.js
video-ads.rubiconproject.com/video/ Frame 66AA 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31050.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.190.68 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-190-68.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
c002b1b4f4aacc0c7e2bf806a9efa9263fb5f34826500f0ffb0417238cc7cceb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 05:04:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 16:05:35 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"10253-5ed1ff17fb1c0-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
20231
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 1369 		446 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-64.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 20:00:57 GMT
content-encoding
br
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-cache-status
MISS
x-cache
Hit from cloudfront
last-modified
Thu, 06 Jul 2023 01:58:31 GMT
server
CloudFront
etag
W/"64a61fc7-6f992"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
x-amz-cf-id
hf1d1KJ0RM3nQ1rzehLhl_kKTKtOPwNscMMebjOFQFbmn5n1BEpEtA==
expires
Fri, 18 Aug 2023 20:00:57 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 66AA 		28 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?us_privacy=1---&account_id=16698&site_id=144084&zone_id=1761832&size_id=203&rf=https://guestofaguest.com&p_aso.video.maxduration=60&p_window.depth=0&p_window.url=&p_window.w=1600&p_window.h=1200&width=300&height=168&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=294355079931463.1&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31050.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.77.230 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-77-230.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Fri, 18 Aug 2023 05:04:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
84711
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
3c249668dec724dea6b993109ec75d09f5370a49616af3f625e752cf6cd280c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oregonlive.com
date
Fri, 18 Aug 2023 05:04:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
crum
dsum-sec.casalemedia.com/ Frame 587B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?us_privacy=1---&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN77wm-kt8ryulzCHlnBYwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELVQiTGvJkeky_yV29dLqK0&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELVQiTGvJkeky_yV29dLqK0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELVQiTGvJkeky_yV29dLqK0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 587B 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZN77wm_kt8ryulzCHlnBYwAAEmsAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RT0Y0FNJEEXBQ0J2X6TP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 587B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale?us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8b999cfa-351b-4b8b-9198-9c822931a478&expiration=1694927043&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8b999cfa-351b-4b8b-9198-9c822931a478&expiration=1694927043&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8b999cfa-351b-4b8b-9198-9c822931a478&expiration=1694927043&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 587B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN77wm_kt8ryulzCHlnBYwAAEmsAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELAxLoKJ8ankqpLuhmZAck8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELAxLoKJ8ankqpLuhmZAck8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELAxLoKJ8ankqpLuhmZAck8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 587B
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3a24a65-2fb7-4df6-8a6e-a73cc0302135&gpp_sid=null&gpp=null&us_privacy=1---&gdpr_consent=null&gdpr=null
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3a24a65-2fb7-4df6-8a6e-a73cc0302135&gpp_sid=null&gpp=null&us_privacy=1---&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3a24a65-2fb7-4df6-8a6e-a73cc0302135&gpp_sid=null&gpp=null&us_privacy=1---&gdpr_consent=null&gdpr=null
date
Fri, 18 Aug 2023 05:04:04 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 587B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4530681814726889376&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4530681814726889376&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4530681814726889376&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 05:04:03 GMT
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 587B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&us_privacy=1---
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&us_privacy=1---&_test=ZN77wwAGMnYSbgBV
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN77wwAGMnYSbgBV&us_privacy=1---&_test=ZN77wwAGMnYSbgBV
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN77wwAGMnYSbgBV&us_privacy=1---&_test=ZN77wwAGMnYSbgBV
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-bfi-kbfi7400085-BFI
pragma
no-cache
date
Fri, 18 Aug 2023 05:04:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692335044.698085,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN77wwAGMnYSbgBV&us_privacy=1---&_test=ZN77wwAGMnYSbgBV
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum.casalemedia.com/ Frame 587B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&us_privacy=1---
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7863576873242556398&us_privacy=1---
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7863576873242556398&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:03 GMT
an-x-request-uuid
cf6363e5-5bbc-4e6a-aa59-d5088e2956c4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7863576873242556398&us_privacy=1---
x-proxy-origin
66.203.112.161; 66.203.112.161; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 587B 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZN77wm-kt8ryulzCHlnBYwAA%264715=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
44507
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f879d260e28a961-SYD
content-length
43
expires
Sat, 19 Aug 2023 05:04:03 GMT
piano-frame.js
static.advance.net/static/common/js/ Frame 4A7A 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/js/piano-frame.js
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66fd57ba72d90085943ad028bb0a99da56ab6daba1a9030929e9504dc8ec12b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 18 Aug 2023 05:04:03 GMT
x-shield-cache-expires
10
x-amz-request-id
G6ZQXKEQYZS8RASG
age
247
x-cache
HIT, HIT
x-host
static.advance.net
content-length
3628
x-served-by
cache-iad-kcgs7200148-IAD, cache-bfi-krnt7300055-BFI
last-modified
Tue, 18 Apr 2023 13:28:23 GMT
x-timer
S1692335044.536845,VS0,VE0
etag
"491a0b3bf098d18871981579ae670ba7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
pubcid.php
hbx.media.net/ Frame F414 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Fri, 18 Aug 2023 05:04:04 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 05:34:04 GMT
sync
gum.criteo.com/ Frame F414 		88 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
025e4422eb9dfd019608fd72ccbdfdfbb6212ad35b28d4754b6a0f83ce72ecd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
557325
expires
60
cksync.html
contextual.media.net/ Frame 2BBA
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Drkt%26refUrl%3D%26vid%3D233504351633533664328897780...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3353366432889778000V10&type=rkt&refUrl=&vid=23350435163353366432889778000V10&ovsid=1977432093378128057
235 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3353366432889778000V10&type=rkt&refUrl=&vid=23350435163353366432889778000V10&ovsid=1977432093378128057
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Fri, 18 Aug 2023 05:04:04 GMT
expires
Fri, 18 Aug 2023 05:04:04 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Fri, 18 Aug 2023 05:04:04 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3353366432889778000V10&type=rkt&refUrl=&vid=23350435163353366432889778000V10&ovsid=1977432093378128057
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cksync.php
contextual.media.net/ Frame F414
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7af504b98647257b&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3353366432889778000V10&type=con&refUrl=&vid=23350435163353366432889778000V10&ovsid=AAAJrVUv6KOD8QM6wH7KAAAAAAA&expiration=1692421444&is_secure=true
61 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3353366432889778000V10&type=con&refUrl=&vid=23350435163353366432889778000V10&ovsid=AAAJrVUv6KOD8QM6wH7KAAAAAAA&expiration=1692421444&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 05:04:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 05:04:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:04 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3353366432889778000V10&type=con&refUrl=&vid=23350435163353366432889778000V10&ovsid=AAAJrVUv6KOD8QM6wH7KAAAAAAA&expiration=1692421444&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame F414
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Dr1%26refUrl%3D%26vid%3D23350435163353366432...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Dr1%26refUrl%3D%26vid%3D23350435163353...
  • https://ad.turn.com/r/cs?pid=45&rndcb=7206829049
  • https://sync.1rx.io/usersync/turn/3716523809623638564?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-bf7e7654-3a31-4510-adb4-9e67b63e59de-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3353366432889778000V10&type=r1&refUrl=&vid=23350435163353366432889778000V10&ovsid=RX-bf7e7654-3a31-4510-adb4-9e67b63e59de-004
61 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3353366432889778000V10&type=r1&refUrl=&vid=23350435163353366432889778000V10&ovsid=RX-bf7e7654-3a31-4510-adb4-9e67b63e59de-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 05:04:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 05:04:05 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3353366432889778000V10&type=r1&refUrl=&vid=23350435163353366432889778000V10&ovsid=RX-bf7e7654-3a31-4510-adb4-9e67b63e59de-004
date
Fri, 18 Aug 2023 05:04:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXbf7e76543a314510adb49e67b63e59de004
content-type
text/html
cksync
cs.media.net/ Frame F414
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzM1MzM2NjQzMjg4OTc3ODAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEG-HGEgg_t0nFKFow_rQB3I&google_cver=1
61 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEG-HGEgg_t0nFKFow_rQB3I&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:04 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Fri, 18 Aug 2023 05:04:04 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEG-HGEgg_t0nFKFow_rQB3I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame F414
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Ddxu%26refUrl%3D%26vid%3D23350435163353366432889...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3353366432889778000V10%26type%3Ddxu%26refUrl%3D%26vid%3D23350435163353366...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3353366432889778000V10&type=dxu&refUrl=&vid=23350435163353366432889778000V10&ovsid=EPncLZo91QwREw5
61 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3353366432889778000V10&type=dxu&refUrl=&vid=23350435163353366432889778000V10&ovsid=EPncLZo91QwREw5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 05:04:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 05:04:04 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:03 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0e212611649353800@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3353366432889778000V10&type=dxu&refUrl=&vid=23350435163353366432889778000V10&ovsid=EPncLZo91QwREw5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame F414
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=00ba0101-218e-463a-b0f2-54fd1550533a
61 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=00ba0101-218e-463a-b0f2-54fd1550533a
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 05:04:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 05:04:03 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=00ba0101-218e-463a-b0f2-54fd1550533a
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
987812
content-length
0
expires
Fri, 18 Aug 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame F414
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=medianet&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=medianet&gdpr=0&user_id=nLEaoMznHfaHsEqjnrFT9J3mH_OH4Bymn7wTPGGS
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=
61 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 05:04:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 05:04:04 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=85d455f1-a9cd-401c-b4a8-2f85f780b33b&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 18 Aug 2023 05:04:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame F414
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=53I2OPE7Joc9Vv-EHxBm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJVGNETET2QIU3UU33DHFLHMLKFJB4EE...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=53I2OPE7Joc9Vv-EHxBmhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=233504351633533664328897...
60 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=53I2OPE7Joc9Vv-EHxBmhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=23350435163353366432889778000V10&vsid=3353366432889778000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 05:04:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 05:04:05 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:05 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=53I2OPE7Joc9Vv-EHxBmhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=23350435163353366432889778000V10&vsid=3353366432889778000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame F414 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 05:04:04 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame F414
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3353366432889778000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=b891cd1a-f4d0-4056-8fe1-6a338fe37346&cs=1
61 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=b891cd1a-f4d0-4056-8fe1-6a338fe37346&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 05:04:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 05:04:04 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=b891cd1a-f4d0-4056-8fe1-6a338fe37346&cs=1
Date
Fri, 18 Aug 2023 05:04:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
710489.gif
id.rlcdn.com/ Frame F414 		42 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:03 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame F414
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8b999cfa-351b-4b8b-9198-9c822931a478
61 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8b999cfa-351b-4b8b-9198-9c822931a478
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:04 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Fri, 18 Aug 2023 05:04:04 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8b999cfa-351b-4b8b-9198-9c822931a478
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
cksync.php
contextual.media.net/ Frame F414
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=medianet
  • https://creativecdn.com/cm-notify?pi=medianet&tc=1
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=kbhJOymLa2OtKuhbL3so&pi=medianet&tc=1
61 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=kbhJOymLa2OtKuhbL3so&pi=medianet&tc=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 05:04:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 05:04:05 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=kbhJOymLa2OtKuhbL3so&pi=medianet&tc=1
pragma
no-cache
date
Fri, 18 Aug 2023 05:04:04 GMT, Fri, 18 Aug 2023 05:04:04 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
392.json
id5-sync.com/g/v2/ 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
95fcbcaba1f4023d3aea0e4be65673dcd6ee4487cad14b4478e75f29395ab921
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 05:04:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.oregonlive.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
log
c21lg-d.media.net/ Frame F414 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=sAYpiyOmRz6uwrChO8TIiFgA38kDSD_e&cs=15&vsid=3353366432889778000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:05 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 18 Aug 2023 05:04:05 GMT
logAutoMicroConversion
api-v3.tinypass.com/api/v3/conversion/ 		49 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-v3.tinypass.com/api/v3/conversion/logAutoMicroConversion?page_title=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&page_view_id=llg4l41arndprzgq&referrer=&content_author=bamaap&content_created=1580342853935&content_section=news&tags=%5B%22%40hp-top-stories%2C%40topics-Defense%20and%20Cybersecurity%22%5D&tracking_id=%7Bkpdx%7DAAAA-le1Ii7w6woKYVVPSjRjMDViaBIQbGxnNGw0MWFybmRwcnpncRoMRVgwUkhXTFdVTDNIIiUxODA1MWhnMDkwLTAwMDAzMmc3MHRtb2xvbmoyYzU4bHU1YmtrKhpzaG93VGVtcGxhdGVWTTVYQkk5NVNPVFk4NTABOgxPVFJNVUI0Q1RSWDRCDU9UVjdOVzY5T0k0MDdSS3YtMjAyMy0wOC0xOC0xMy0wMy01Ny0zNjctV0tIRjRBdkh5ZkY0TVNjRS1iYjgyZGExYWUwZjkwODQzODZjZDQ4NTcyYzEwZTI5NVoONjYuMjAzLjExMi4xNjFiA2R3Y2jBmoGnBnAkeAQ&browser_id=llg4l41ay6vccpo8&event_type=EXTERNAL_EVENT&event_group_id=config&custom_params=%7B%22config%22%3A%22%7B%5C%22type%5C%22%3A%5C%22bottomfixed%5C%22%2C%5C%22version%5C%22%3A%5C%22cta%5C%22%2C%5C%22placement%5C%22%3A%5C%22bottom-fixed%5C%22%2C%5C%22newsletterId%5C%22%3A%5C%22%5C%22%2C%5C%22closable%5C%22%3A%5C%22true%5C%22%2C%5C%22scrollLock%5C%22%3A%5C%22true%5C%22%7D%22%7D&cookie_consents=null&callback=jsonp5404
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.182.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a49a954fe04fadea42f0b26580f50540681708f79467b95e7112957283a76d12
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:04 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
7f879d28f8d1551b-SYD
alt-svc
h3=":443"; ma=86400
x-request-id
c21a4587865baaf1c6186c74304bda73
expires
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%20-%20oregonlive.com&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=85f243d3-8733-491e-a350-bf712d0b906d&pid=2b7b519d-69c5-45d2-8bdf-46edd53e7601&dtm=1692335043946&qnm=_matherq&visible=1&tabid=fd0d1b87-55d2-4e6c-b769-4d65b98d23b8&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&vp=1600x1200&ds=1600x4405&tofa=1692335037&vid=1&lvidt=1692335037&duid=b6882e90c4294ffd&fp=757936674&cid=ma63527&mrk=484602609&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJjdXN0b21fZXZlbnQiLCJhY3Rpb24iOiJjb25maWciLCJkYXRhIjp7ImV2ZW50TmFtZSI6ImNvbmZpZyIsInBhcmFtcyI6eyJjb25maWciOiJ7XCJ0eXBlXCI6XCJib3R0b21maXhlZFwiLFwidmVyc2lvblwiOlwiY3RhXCIsXCJwbGFjZW1lbnRcIjpcImJvdHRvbS1maXhlZFwiLFwibmV3c2xldHRlcklkXCI6XCJcIixcImNsb3NhYmxlXCI6XCJ0cnVlXCIsXCJzY3JvbGxMb2NrXCI6XCJ0cnVlXCJ9In19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiODU4NjA1NTE2IiwicmVmVGltZSI6IjE2OTIzMzUwNDM5NDUifSx7InR5cGUiOiJzcCIsImlkIjoiNDFlNjRhZTktZGRkMC00M2Q0LTg1MTgtNjA2YTNjNjAxMTMxLjE2OTIzMzUwMzguMS4xNjkyMzM1MDM4LjE2OTIzMzUwMzguNDVjYjRiNGEtOTQyNy00ZGRlLThlMWEtNzQwMTgwNzEzZTkzIiwicmVmVGltZSI6IjE2OTIzMzUwNDM5NDYifV19
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.184.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-184-108.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 18 Aug 2023 05:04:04 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
farnhamheadline-semi-bold.woff
fonts.advance.net/fonts/v1/farnham-headline-semi-bold/ Frame 4A7A 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/farnham-headline-semi-bold/farnhamheadline-semi-bold.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 18 Aug 2023 05:04:04 GMT
x-shield-cache-expires
10
x-amz-request-id
QR1JWEHE2S4DAD3A
age
54287
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
37160
x-served-by
cache-iad-kcgs7200113-IAD, cache-bfi-kbfi7400024-BFI
last-modified
Wed, 19 Sep 2018 19:27:30 GMT
x-timer
S1692335045.538646,VS0,VE0
etag
"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage-ignore=86400, no-store
166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
fonts.advance.net/fonts/v1/benton-sans-regular/ Frame 4A7A 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/benton-sans-regular/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 18 Aug 2023 05:04:04 GMT
x-shield-cache-expires
10
x-amz-request-id
E8SK9B9NWEDMA5ZD
age
26
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
55125
x-served-by
cache-iad-kjyo7100118-IAD, cache-bfi-kbfi7400024-BFI
last-modified
Tue, 16 Jul 2019 16:35:54 GMT
x-timer
S1692335045.539134,VS0,VE1
etag
"63c3700153fd19bac6ac63c816251c03"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
maxage=600
448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
fonts.advance.net/fonts/v1/benton-sans-medium/ Frame 4A7A 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/benton-sans-medium/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 18 Aug 2023 05:04:04 GMT
x-shield-cache-expires
10
x-amz-request-id
B6VH1MBCD4HEEP25
age
849310
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
54040
x-served-by
cache-iad-kcgs7200033-IAD, cache-bfi-kbfi7400024-BFI
last-modified
Mon, 10 Jun 2019 14:09:26 GMT
x-timer
S1692335045.539127,VS0,VE0
etag
"00b8650c0e6992c5c9ced8f621e43ffd"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage-ignore=2629800, no-store
VideoBidRequestHandlerServlet
ch-wf.taboola.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692335044242&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1541&pt=-2135443746&tz=480&viewable=true&ddast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2075235&dpubid=190797&abtst=166721b_vA!206725b_vA!nonrv_vA!t45!testmsn_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.oregonlive.com&en=1&subu=4&panid=081c00a15d0180ed94e248888e4916d53938e9716699b50234e936fa923fae2a
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5c9dd509a6429abe870804c9489b70278a3534ef1ba4de22df3c477185ab8cb1

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:04 GMT
content-encoding
gzip
server
nginx
machineid
1857
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Computers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%20-%20oregonlive.com&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=885e4e86-32b5-49d1-aad4-68c246a47e37&pid=2b7b519d-69c5-45d2-8bdf-46edd53e7601&dtm=1692335043949&qnm=_matherq&visible=1&tabid=fd0d1b87-55d2-4e6c-b769-4d65b98d23b8&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&vp=1600x1200&ds=1600x4405&tofa=1692335037&vid=1&lvidt=1692335037&duid=b6882e90c4294ffd&fp=757936674&cid=ma63527&mrk=484602609&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJjdXN0b21fZXZlbnQiLCJhY3Rpb24iOiJjb25maWciLCJkYXRhIjp7ImV2ZW50TmFtZSI6ImNvbmZpZyIsInBhcmFtcyI6eyJjb25maWciOiJ7XCJ0eXBlXCI6XCJib3R0b21maXhlZFwiLFwidmVyc2lvblwiOlwiY3RhXCIsXCJwbGFjZW1lbnRcIjpcImJvdHRvbS1maXhlZFwiLFwibmV3c2xldHRlcklkXCI6XCJcIixcImNsb3NhYmxlXCI6XCJ0cnVlXCIsXCJzY3JvbGxMb2NrXCI6XCJ0cnVlXCJ9In19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiODU4NjA1NTE2IiwicmVmVGltZSI6IjE2OTIzMzUwNDM5NDgifSx7InR5cGUiOiJzcCIsImlkIjoiNDFlNjRhZTktZGRkMC00M2Q0LTg1MTgtNjA2YTNjNjAxMTMxLjE2OTIzMzUwMzguMS4xNjkyMzM1MDM4LjE2OTIzMzUwMzguNDVjYjRiNGEtOTQyNy00ZGRlLThlMWEtNzQwMTgwNzEzZTkzIiwicmVmVGltZSI6IjE2OTIzMzUwNDM5NDkifV19
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.184.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-184-108.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 18 Aug 2023 05:04:04 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
log
c21lg-d.media.net/ Frame F414 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=4329fa62-6d10-4a6b-8d5f-b00f8e861158&cs=15&vsid=3353366432889778000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 05:04:04 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 18 Aug 2023 05:04:04 GMT
content-length
35
content-type
image/gif
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 1369 		0
0
stv
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=DBABLA~BVQqAAAACgA.QA&gpp_sid=7
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=42e4c623bb801e1484f732704e29e096&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=w8a9c_7268523676445433364&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=8b999cfa-351b-4b8b-9198-9c822931a478&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=42e4c623bb801e1484f732704e29e096&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=w8a9c_7268523676445433364&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?userId=AAEUCU7JvfgAACRKRN-VbQ&dataProviderId=817&gdpr=0
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=42e4c623bb801e1484f732704e29e096&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=w8a9c_7268523676445433364&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAEUCU7JvfgAACRKRN-VbQ&dataProviderId=817&gdpr=0
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=42e4c623bb801e1484f732704e29e096&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=w8a9c_7268523676445433364&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/42e4c623bb801e1484f732704e29e096?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-GoEHL6NE2oN9GQo205VW8dayjjJUlLFLRZnbHRg.~A
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=42e4c623bb801e1484f732704e29e096&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=w8a9c_7268523676445433364&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame 1369 		301 B
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=9507649&loc=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&gpp_string=DBABLA~BVQqAAAACgA.QA&gpp_sid=7
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.177 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-177.pacnet.net
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:04 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.oregonlive.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1692335044959069-15
Expires
Fri, 18 Aug 2023 05:04:04 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 1369 		67 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=9507649&_fw_gdpr=0&_fw_us_privacy=1---&schain=1.0%2C1!taboola.com%2C1031853%2C1%2C-123023743&vav=7544bb1d9059286af904e47b815f4d3c&vaviv=5bd3421c54444395bb24d82790b3467d&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&playerSize=300x168&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.177 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-177.pacnet.net
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:05 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.oregonlive.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1692335044978045-15
Expires
Fri, 18 Aug 2023 05:04:05 GMT
data
bcp.crwdcntrl.net/6/ 		172 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/965/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.67.35 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-67-35.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
7a59bc58f3abfde16caeba6a66571f474a48a4e6b70f4f78fb4e2ec77cbc33b4

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache
x-server
10.42.1.232
access-control-allow-credentials
true
content-length
172
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 80A2 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159879&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame E1DA 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=3&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5BhKjWfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-sISpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-eVpGhov6BziEcg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&id=1&ii=4&pl=0&f=0&j=&t=1692335036306&de=403739846066&rx=818617337947&cu=1692335036306&m=8526&ar=2e6b325d-clean&iw=1138ff4&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4419&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=88&vx=88%3A-%3A-&pe=1%3A3422%3A3422%3A0%3A3412&as=1&ag=5141&an=1009&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1009&kw=826&aj=1&pg=88&pf=88&ib=1&cc=1&bw=5141&bx=1009&ci=1009&jz=826&dj=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4956&cd=826&ah=4956&am=826&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1485972055%3A558359335%3A1720211575%3A138411207715&bo=343101415&bp=388286695&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=388286695&dfp=0%2C1&la=388286695&zMoatAU=%2F344101295%2FOR%2Fwww.oregonlive.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=true&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=cc&ti=0&ih=2&tc=0&fs=42&na=1888353300&cs=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Aug 2023 05:04:04 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=3&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5BhKjWfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-sISpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-eVpGhov6BziEcg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&id=1&ii=4&pl=0&f=0&j=&t=1692335036306&de=439293034369&rx=818617337947&cu=1692335036306&m=8736&ar=2e6b325d-clean&iw=1138ff4&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4419&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3422%3A3422%3A0%3A3412&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5121&cd=10&ah=5121&am=10&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1485972055%3A558359335%3A1720211575%3A138411207445&bo=343101415&bp=388286695&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=388286695&dfp=0%2C1&la=388286695&zMoatAU=%2F344101295%2FOR%2Fwww.oregonlive.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Bottom&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=2&tc=0&fs=42&na=1427139511&cs=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Aug 2023 05:04:05 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NDJlNGM2MjNiYjgwMWUxNDg0ZjczMjcwNGUyOWUwOTY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NDJlNGM2MjNiYjgwMWUxNDg0ZjczMjcwNGUyOWUwOTY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H3
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:05 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NDJlNGM2MjNiYjgwMWUxNDg0ZjczMjcwNGUyOWUwOTY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1692335045146092-15
Expires
Fri, 18 Aug 2023 05:04:05 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=42e4c623bb801e1484f732704e29e096&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=42e4c623bb801e1484f732704e29e096&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5YM0AT2GNJ4N6TXZB0SD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 05:04:05 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=42e4c623bb801e1484f732704e29e096&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1692335045169095-15
Expires
Fri, 18 Aug 2023 05:04:05 GMT
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		52 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=aUOJ4c05bh
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.183.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
903ee23b93448e89e41f40bf1ebee58df051d8efb5357f9c2464f51a00be88a3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 18 Aug 2023 05:04:05 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-115-72
server
cloudflare
p3p
CP="NON DSP COR OUR IND"
access-control-allow-origin
*
server-time
0.010
content-type
application/json
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
cf-ray
7f879d3068a1a8b9-SYD
alt-svc
h3=":443"; ma=86400
x-request-id
Mt2mkzrh8Je
perf
ch-trc-events.taboola.com/advance-oregon/log/3/ 		0
380 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/advance-oregon/log/3/perf?tvi2=10685&route=US%3ACH%3AV&lti=trecs-networks-panel_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.oregonlive.com
pragma
no-cache
date
Fri, 18 Aug 2023 05:04:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
PugMaster
image6.pubmatic.com/AdServer/ Frame 80A2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33513021&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
17e3b4c4f0092cffc0426f5e8dbf54a594ac2ae1a9c90e0bef2c8a900c06bb1a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Aug 2023 05:04:05 GMT
content-length
1540
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame B598
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
42 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 18 Aug 2023 05:04:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 80A2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1908309046779791046
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1908309046779791046
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1908309046779791046
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame 7F8E
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=afej6twsv6tr
42 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=afej6twsv6tr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Fri, 18 Aug 2023 05:04:06 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=afej6twsv6tr
lws
126
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
cm
ipac.ctnsnet.com/int/ Frame 4B13 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 18 Aug 2023 05:04:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 1142
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7665fa5896fc4041a02edd47b9750c21
42 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7665fa5896fc4041a02edd47b9750c21
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Fri, 18 Aug 2023 05:04:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7665fa5896fc4041a02edd47b9750c21
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
image2.pubmatic.com/AdServer/ Frame 0FEF
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUc166af47755d431da875e2ed02f2fa1f&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUc166af47755d431da875e2ed02f2fa1f&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
168
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 05:04:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUc166af47755d431da875e2ed02f2fa1f&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma
no-cache
server
Tengine
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame C76C 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 05:04:14 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame 9062
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=yozjjDr8BI6V_7FNxvveZA
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=yozjjDr8BI6V_7FNxvveZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 05:04:06 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=yozjjDr8BI6V_7FNxvveZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 80A2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3716523809623638564&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3716523809623638564&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 05:04:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3716523809623638564&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 18 Aug 2023 05:04:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 80A2
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=156c1c0eef6a1b3f&is_secure=true&networkId=17100&version=1&nuid=551EE106-756F-4E51-B29D-5D3D95B38A23&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJrVUv6KOElwMjFL35AAAAAAA&expiration=1692421445&nuid=551EE106-756F-4E51-B29D-5D3D95B38A23&...
42 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJrVUv6KOElwMjFL35AAAAAAA&expiration=1692421445&nuid=551EE106-756F-4E51-B29D-5D3D95B38A23&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 05:04:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:05 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJrVUv6KOElwMjFL35AAAAAAA&expiration=1692421445&nuid=551EE106-756F-4E51-B29D-5D3D95B38A23&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
OpportunityServlet
ch-vid-events.taboola.com/ 		1 B
122 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagINLINE_INSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.oregonlive.com
date
Fri, 18 Aug 2023 05:04:06 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
mbox
vidanalytics.taboola.com/putes/ 		2 B
172 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vidanalytics.taboola.com/putes/mbox
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-cache-hits
0
date
Fri, 18 Aug 2023 05:04:07 GMT
via
1.1 varnish
x-backend-name
5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00102
server
nginx
x-timer
S1692335047.829284,VS0,VE232
x-cache
MISS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-served-by
cache-bfi-krnt7300100-BFI
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&f_privb=0&tid=26a5c75b-56bb-4665-be21-c99239c0c7e3&pid=2b7b519d-69c5-45d2-8bdf-46edd53e7601&dtm=1692335047187&qnm=_matherq&visible=1&tabid=fd0d1b87-55d2-4e6c-b769-4d65b98d23b8&url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&vp=1600x1200&ds=1600x4419&tofa=1692335037&vid=1&lvidt=1692335037&duid=b6882e90c4294ffd&fp=757936674&cid=ma63527&mrk=484602609&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY5MjMzNTAzMDI3NCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyNC41bWIiLCJoZWFwVCI6IjI5LjRtYiIsImZzdFBhaW50IjoiMzQyMiIsImZldGNoUyI6IjEiLCJkb21haW5TIjoiMiIsImRvbWFpbkUiOiI1NjgiLCJjb25uUyI6IjU2OCIsImNvbm5FIjoiMTMxMSIsInNzbFMiOiI5MzkiLCJyZXF1UyI6IjEzMTEiLCJyZXNwUyI6IjI3MTUiLCJyZXNwRSI6IjI3NTQiLCJkb21Mb2FkIjoiMjcxOSIsImRvbUludGVyIjoiMzQxMiIsImRvbUxvYWRTIjoiMzk4NSIsImRvbUxvYWRFIjoiMzk5MCJ9fQ
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.184.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-184-108.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 18 Aug 2023 05:04:07 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame 80A2 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159879&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
VideoBidRequestHandlerServlet
ch-wf.taboola.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692335049271&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1541&pt=-2135443746&tz=480&viewable=true&ddast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2075235&dpubid=190797&abtst=166721b_vA!206725b_vA!nonrv_vA!t45!testmsn_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.oregonlive.com&en=1&subu=4&panid=081c00a15d0180ed94e248888e4916d53938e9716699b50234e936fa923fae2a
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6208aa8234effa94de37dda48574079a60783ea01992b2a27b97f14ee8bed3ac

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:09 GMT
content-encoding
gzip
server
nginx
machineid
1845
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=3&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5BhKjWfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-sISpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-eVpGhov6BziEcg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&id=1&ii=4&pl=0&f=0&j=&t=1692335036306&de=403739846066&rx=818617337947&cu=1692335036306&m=13451&ar=2e6b325d-clean&iw=1138ff4&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4419&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=88&vx=88%3A-%3A-&pe=1%3A3422%3A3422%3A0%3A3412&as=1&ag=10066&an=5141&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1009&kw=826&aj=1&pg=88&pf=88&ib=1&cc=1&bw=10066&bx=5141&ci=1009&jz=826&dj=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9880&cd=4956&ah=9880&am=4956&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1485972055%3A558359335%3A1720211575%3A138411207715&bo=343101415&bp=388286695&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=388286695&dfp=0%2C1&la=388286695&zMoatAU=%2F344101295%2FOR%2Fwww.oregonlive.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=true&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=cc&ti=0&ih=2&tc=0&fs=42&na=966054989&cs=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Aug 2023 05:04:09 GMT
VideoBidRequestHandlerServlet
ch-wf.taboola.com/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692335054297&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1541&pt=-2135443746&tz=480&viewable=true&ddast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2075235&dpubid=190797&abtst=166721b_vA!206725b_vA!nonrv_vA!t45!testmsn_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.oregonlive.com&en=1&subu=4&panid=081c00a15d0180ed94e248888e4916d53938e9716699b50234e936fa923fae2a
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
783dd38b44818150ed3d1bac0f1ebff6e6ad671834ad1e4005705ad05a5b7c50

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:14 GMT
content-encoding
gzip
server
nginx
machineid
1857
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://tag.targeting.unrulymedia.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
vast2
tag.targeting.unrulymedia.com/rmp/217976/0/ 		168 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/217976/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=www.oregonlive.com&w=300&h=168&us_privacy=1---&schain=1.0,1!taboola.com,1031853,1,-123023650
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.oregonlive.com
pragma
no-cache
date
Fri, 18 Aug 2023 05:04:15 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
content-type
application/xml
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=4&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1692335036306&de=614788305199&rx=818617337947&m=0&ar=2e6b325d-clean&iw=1138ff4&q=3&cb=0&cu=1692335036306&ll=2&lm=0&ln=0&em=0&en=0&d=oregonlive.com%3AComputers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A3422%3A3422%3A0%3A3412&fs=42&na=1125230632&cs=0
Requested by
Host: www.oregonlive.com
URL: https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Aug 2023 05:04:14 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/965/ 		26 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/965/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/965/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-98.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8051f3eb7b146bdfd1156266a2947c7361e2d9546fa39f4c86cc06d869cd877

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 11:38:27 GMT
content-encoding
gzip
via
1.1 f89fcc37b128414167e80016d2f77972.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
62749
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 31 May 2023 18:37:44 GMT
server
AmazonS3
etag
W/"5f1caf5b5ed07225c2bf7016429a9c40"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-id
J0BMkrsjHiUWM6ftFS6crSiNhd9t-Utxpk45G98vCJKiSXcxU6nQFA==
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
241cc539efeafa635ba1a698f1da28ca0d8ea246fae233b30e27084cad155509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11757
x-xss-protection
0
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.oregonlive.com%2F%2Fnews%2F2020%2F01%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5BhKjWfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-sISpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-eVpGhov6BziEcg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1692335036306&de=614788305199&rx=818617337947&cu=1692335036306&m=18377&ar=2e6b325d-clean&iw=1138ff4&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4419&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A3422%3A3422%3A0%3A3412&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=oregonlive.com%3AComputers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=42&na=1855293908&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:15 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Aug 2023 05:04:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 05:04:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E81B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
39201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 18:10:54 GMT
expires
Fri, 16 Aug 2024 18:10:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D277 		829 B
993 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f99.1e100.net
Software
GSE /
Resource Hash
cbea665491448a9bf4ddfe678460ac9ff9773ce5cf9f5b71b2f49e72bf5cfdff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m2as-gK4wJDfl9Z_UwAf8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-m2as-gK4wJDfl9Z_UwAf8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 05:04:15 GMT
expires
Fri, 18 Aug 2023 05:04:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=3&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F15405676982247968343&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5BhKjWfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-sISpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-eVpGhov6BziEcg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&id=1&ii=4&pl=0&f=0&j=&t=1692335036306&de=403739846066&rx=818617337947&cu=1692335036306&m=18572&ar=2e6b325d-clean&iw=1138ff4&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4419&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=88&vx=88%3A-%3A-&pe=1%3A3422%3A3422%3A24414%3A3412&as=1&ag=15187&an=10066&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1009&kw=826&aj=1&pg=88&pf=88&ib=1&cc=1&bw=15187&bx=10066&ci=1009&jz=826&dj=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15013&cd=9880&ah=15013&am=9880&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1485972055%3A558359335%3A1720211575%3A138411207715&bo=343101415&bp=388286695&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=388286695&dfp=0%2C1&la=388286695&zMoatAU=%2F344101295%2FOR%2Fwww.oregonlive.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=true&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=cc&ti=0&ih=2&tc=0&fs=42&na=1382380862&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:15 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Aug 2023 05:04:15 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=3&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5BhKjWfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-sISpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-eVpGhov6BziEcg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&id=1&ii=4&pl=0&f=0&j=&t=1692335036306&de=439293034369&rx=818617337947&cu=1692335036306&m=18774&ar=2e6b325d-clean&iw=1138ff4&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4419&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3422%3A3422%3A24414%3A3412&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15167&cd=5121&ah=15167&am=5121&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1485972055%3A558359335%3A1720211575%3A138411207445&bo=343101415&bp=388286695&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=388286695&dfp=0%2C1&la=388286695&zMoatAU=%2F344101295%2FOR%2Fwww.oregonlive.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Bottom&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=2&tc=0&fs=42&na=1934657581&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:15 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Aug 2023 05:04:15 GMT
perf
ch-trc-events.taboola.com/advance-oregon/log/3/ 		0
380 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/advance-oregon/log/3/perf?tvi2=10685&route=US%3ACH%3AV&lti=trecs-networks-panel_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.oregonlive.com
pragma
no-cache
date
Fri, 18 Aug 2023 05:04:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
sodar
pagead2.googlesyndication.com/pagead/ Frame D277 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308100101&jk=398669120220532&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame E81B 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 20:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
30007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 20:44:08 GMT
generate_204
tpc.googlesyndication.com/ Frame E81B 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1hagHg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:04:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308100101&jk=398669120220532&bg=!V1SlVADNAAZGPLJIZjw7ADkAdvg8WkPk7Ky9gYEnhKTLT8ZT6kPT87RcdgP6W1qg7tcg0KYr0mVGNO2zIgylfKtnZQS0vjlH_lsCAAAAilIAAAAGaAEHCgCDixvizhIlNcBPpD7j4WXvHZs470kiZaGuiLq1_Oftvq3hXXaYvZWCRaYqbDcykclx619DkSrO6x14-4Ark4--8BzB9TyJXW4MPfSjjyVKEPT71y2M8djE9ExTsIchV4XvaTXv2vh076TZA5757HN_-NFVXhIKO4ei1Nh5mNJah-piXnCZAsfrenAMRm2pAYEQ_oJNtICwsn4d1iybgzr7zSpprTM0sdifWbERmvaNgGj1wwXKWtkGQmjjlk9A4fvghujEaJhWytzYcLfFlm2eg67b7lvswegJ6yiPCAZLEKu_lbszJabumgUrK7fulkCl-vPw7Ilks3ccswhkhnkhqhjCDwTfLIld6JUw6YIRJaz5pGWdnMfR7AQ0YMLuXocvXOyTjGRRjgnqzVTFBXhJOtKuB5gI5iVCNnaw2qlzqz67kq_AmRKmx3m9GV6dpmdVkQY8WgFYsGnmhH3_jVXi-T3gedPcltlVDmhdaNWihVeezMdhq3wsdr_NWIoyAX_UWfzzfBgOnTD4960of3-U2xzWhLJE2qSqgyhFTe2vyI5ckR34JTVLPbUWEZVriQyCpO2xUWJzk2C4050M92Pefy8tdmfIyrzI_lLH218USbXiB2LlzQwm5ZXZBDqk073VgkxLpAbyOLn4q9XBQfDMDmsFY868_KxP47cakPqhp4FhMnGR2v6H6Sc7tQB7N9MSrai0i4Pw8SY-2wuTU6CFLa8oxixtq2_MUXc_m_opk_6VMbeu36ZavYyOiYsKx6hui-scAaglPu2VosRFjR4ViRP0jDn8oplxsiwLLkBH1ygp2CFir9fgT_W7zT3LgnFKThRpoTjCmf8ZT_VrNCl3lJcjNNI_yNjxw8-TofZ5fbw41wsgDHegfsScZ68a9wb5m_x2_3bwKHRYcXTxeWto_Qroo91Bjo-gWwJktA2XQ59L7ku1Bj7m4OZn0O18w_xNxAnxa5wfB6Mb3HkgSbJaUpMH4bdaHSde2W_zjZ1bXM8pIDMWkVGRBt2um0jlGSyCx3n2KhYO-PUkjOLdviOkIRhEvuboK16z3g1t4dy3aaIHzxIToe9EHhqOR1aN0oOAX9B8ukWxqrNbUevsg2gqnS1JJuqFDzYs11T4uFA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
data
bcp.crwdcntrl.net/6/ 		172 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/965/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.67.35 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-67-35.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
7a59bc58f3abfde16caeba6a66571f474a48a4e6b70f4f78fb4e2ec77cbc33b4

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache
x-server
10.42.16.32
access-control-allow-credentials
true
content-length
172
expires
0
OpportunityServlet
ch-vid-events.taboola.com/ 		1 B
122 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagINLINE_INSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.oregonlive.com
date
Fri, 18 Aug 2023 05:04:16 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
VideoBidRequestHandlerServlet
ch-wf.taboola.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692335059299&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1541&pt=-2135443746&tz=480&viewable=true&ddast=V8kLgCLAbU6DeRE8HlnBKo0W8iJ4LLOS0AAABgYOD4AImsPDbfcmNzC1aziVs0mq3WCt_ItxYZJw7DcLeczSwLIyCRlcfmW25sbsFqNnGLRrPVWuEb-dYi48RhGO6Ws5llYQUk0vQZTQdJw2k2CJ0Xy9NkEBVdb4vd4TR7DmqBrGly-d2gDE2nw-e61-t-v7ve8vL57Wan7WXX-N1-ucv3-UsGk8FesNhr_G7D6_SyfN6a09Nsdov8vrtbaXfrLS-f3-7W-F130_MtdJreEudb47y4LA_T6eHx2oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rABjfIODMcli4l-d0UPvtlr_LHwAAAABAAAAAAJAAEEhvKgHwoTp24v________8_xgB95o2M_____xsLPQAefAA8CAEAALgYsjb57chY1jlO5ACjCCMAAAAAQstwoUcm6QQViyr____9VgCuAAAEKB4cXNVk0R2UeAsDAABAMGaBHha_3-ywa_xul_n_________N_N_5h-NUIsHbhphTBR7Nb-AAABrfgEBANhoG3IDAPBGAE7QIWjFYLA6BDQbzWYHAAAA4M7___-_HpDyDQfLyWLj2U2WM4vLZXOYNsPBcjgz-WaOlXO5PUhRhWKjtePbfUik6TOaDpKG02wQOi-Wp8kgKrreFrvDafYc1AJZ0-Ty28-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjYbEyD4WCyltgss7Vo5HG4JQ6Lxy2bzHYzh3M4MW5ca9HrY7qYjMPFZuNFggFae5E8LdKJbjgbeXwbx8Iw8-wGg9FqN1l4diOHxzHYTUy2kUUs0Zws0onssm_5hoPlZLHx7CbLmcXlsjlMm-FgOZyZfDPHyrncFzYb02A4mKwlNstsLRp5HG6Jw-Jxyyaz3czhHE6MG9da9PqYLibjcLHZ-Buz5WSzWQ02s31jtpxsNqvBZrbv0Bm-q8_ZqNwMax2TbbpbnD43p0HhMli806JF2jocfUad1zYRpsbenHdidTkvXoPCc_Coxp9ryGtOiczVg9Z7MCpiieAinShMtofd43LrLS-f324RS5Smi3Sil7t8n79kMBnsBYu9xu82vE4vy-etOT3NZrfI77u7lXa33vLy-e1ujd91Nz3fQqfpLXG-Nc6Ly_IwnR4er11oepstYongdJFORC_j6aL-IwebzSWDzVyxmMwVs8UqAQAAAAAAAABYgkmmmwAAAAA4GcRysFvu1ulABrvVZLNaLoAH31ZdP-e80L8rliu7usVuIwV68hqKNfaYQ5hsD7vH5dZbXj6_3coAHiYhmG32GUGs1WpZAwAAEMAGAAAQwE033gScWXH_____4wAAAATIoQcAAHC8D8gqbL3QA1eKX0FMBpPV_gGoEGu1Wt1urNVqBSyoxW41m0AAAIEV!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2075235&dpubid=190797&abtst=166721b_vA!206725b_vA!nonrv_vA!t45!testmsn_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.oregonlive.com&en=1&subu=4&panid=081c00a15d0180ed94e248888e4916d53938e9716699b50234e936fa923fae2a
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
508da22ff3d9e76f83cb4dd8a6f5c5847ab04308db07e62e6cf08166aac39de4

Request headers

Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:19 GMT
content-encoding
gzip
server
nginx
machineid
1845
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.oregonlive.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5BhKjWfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-sISpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-eVpGhov6BziEcg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=4419&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=4419&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1692335036306&de=614788305199&rx=818617337947&cu=1692335036306&m=23608&ar=2e6b325d-clean&iw=1138ff4&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A3422%3A3422%3A24414%3A3412&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5035&cd=0&ah=5035&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=oregonlive.com%3AComputers%20still%20down%20in%20Oregon%20county%20hit%20by%20cyberattack%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=42&na=1768734356&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 05:04:20 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Aug 2023 05:04:20 GMT
mbox
vidanalytics.taboola.com/putes/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311396&zone_id=1580986%3B1580978%3B1580974&size_id=2%3B15%3B15&alt_size_ids=55%2C57%3B10%3B10&p_pos=atf%3B%3B&gpp=DBABLA~BVQqAAAACgA.QA&gpp_sid=7&eid_crwdcntrl.net=081c00a15d0180ed94e248888e4916d53938e9716699b50234e936fa923fae2a%5E1&eid_pubcid.org=d25bbde6-9cd0-4d60-ba6e-eb63292e1da0%5E1&rf=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&tg_i.domain=oregonlive.com&tg_i.page=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&tg_i.aupname=344101295%2FOR%2F.*%26rg_adslot%3DTopRail_Below_Flex%2Crg_platform%3Ddesktop%3B344101295%2FOR%2F.*%26rg_adslot%3DRightRail_Top%2Crg_platform%3Ddesktop%3B344101295%2FOR%2F.*%26rg_adslot%3DRightRail_Bottom%2Crg_platform%3Ddesktop&tg_i.pbadslot=desktop-TopRail_Below_Flex%3Bdesktop-RightRail_Top%3Bdesktop-RightRail_Bottom&tk_flint=dmpbjs_v7.54.0&x_source.tid=fc37a741-6473-4950-b319-d84a2d6f851c%3B39baa719-a1e6-4a4b-aff8-39483d18f32f%3B6b06ce5b-3ba4-49c3-85c5-07774e8e8b51&l_pb_bid_id=2489b299e6ebf3%3B3197279a251646%3B4a2b8e9e6a3225&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=fc37a741-6473-4950-b319-d84a2d6f851c%3B39baa719-a1e6-4a4b-aff8-39483d18f32f%3B6b06ce5b-3ba4-49c3-85c5-07774e8e8b51&rp_hard_floor=0.41%3B0.16%3B0.15&rp_maxbids=1&p_gpid=desktop-TopRail_Below_Flex%3Bdesktop-RightRail_Top%3Bdesktop-RightRail_Bottom&slots=3&rand=0.7613688817102495
Domain
display.bidder.taboola.com
URL
https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction/1494814
Domain
exchange.postrelease.com
URL
https://exchange.postrelease.com/prebid?ntv_pb_eid=W3sic291cmNlIjoiY3J3ZGNudHJsLm5ldCIsInVpZHMiOlt7ImlkIjoiMDgxYzAwYTE1ZDAxODBlZDk0ZTI0ODg4OGU0OTE2ZDUzOTM4ZTk3MTY2OTliNTAyMzRlOTM2ZmE5MjNmYWUyYSIsImF0eXBlIjoxfV19LHsic291cmNlIjoicHViY2lkLm9yZyIsInVpZHMiOlt7ImlkIjoiZDI1YmJkZTYtOWNkMC00ZDYwLWJhNmUtZWI2MzI5MmUxZGEwIiwiYXR5cGUiOjF9XX1d&ntv_ptd=1127248,1127246&ntv_pas=eyIxMTI3MjQ2IjpbWzMwMCwyNTBdLFszMDAsNjAwXV0sIjExMjcyNDgiOltbMzAwLDI1MF0sWzMwMCw2MDBdXSwibGVuZ3RoIjoyfQ==&ntv_ppf=eyJyaWdodFJhaWwtVG9wLTMwMHhGbGV4Ijp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjE2LCIzMDB4NjAwIjowLjE2LCIqIjowLjE2fSwiKiI6eyIqIjowLjE1LCIzMDB4MjUwIjowLjE1LCIzMDB4NjAwIjowLjE1fX0sInJpZ2h0UmFpbC1Cb3R0b20tMzAweEZsZXgiOnsiYmFubmVyIjp7IjMwMHgyNTAiOjAuMTUsIjMwMHg2MDAiOjAuMTUsIioiOjAuMTV9LCIqIjp7IioiOjAuMTUsIjMwMHgyNTAiOjAuMTUsIjMwMHg2MDAiOjAuMTV9fX0=&ntv_pbv=v7.54.0&ntv_pb_rid=25c8ae3aa3aeb6d&ntv_ppc=W3siYWRVbml0Q29kZSI6InJpZ2h0UmFpbC1Ub3AtMzAweEZsZXgiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzAwLDYwMF1dfX19LHsiYWRVbml0Q29kZSI6InJpZ2h0UmFpbC1Cb3R0b20tMzAweEZsZXgiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzAwLDYwMF1dfX19XQ==&ntv_dbr=eyJyaWdodFJhaWwtVG9wLTMwMHhGbGV4IjowLCJyaWdodFJhaWwtQm90dG9tLTMwMHhGbGV4IjowfQ==&ntv_url=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html
Domain
lexicon.33across.com
URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003GCf6FAAT&src=aps&ver=1.0.1&us_privacy=1---
Domain
lexicon.33across.com
URL
https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&src=esp&ver=1.0.1&us_privacy=1---
Domain
lexicon.33across.com
URL
https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&gdpr=0&src=pbjs&ver=7.54.0
Domain
cdn.stickyadstv.com
URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1692335044471
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Domain
vidanalytics.taboola.com
URL
https://vidanalytics.taboola.com/putes/mbox

Verdicts & Comments Add Verdict or Comment

792 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| documentPictureInPicture function| admiral object| googletag object| sophi number| a object| sophiSegments object| BOOMR_mq string| BOOMR_API_key object| BOOMR string| environment object| adiData object| dataLayer object| Fusion object| react object| React function| setImmediate function| clearImmediate object| ReactDOM object| PropTypes object| StyledComponents object| adiTrackPromise object| adiTrack object| regeneratorRuntime object| OneTrustStub function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| otCcpaOptOut function| dnsfeed object| CDP object| apstag object| pbjs boolean| bcDFPCallbackCalled function| bcDFPCallback object| lotame_965 number| rg_insertionMultiple object| AdManager function| setAdiDataAffiliateMarket object| _taboola object| Advance object| tp object| SWG function| 4dm1r11545242527 object| $OPHI_GN function| sophiTag object| Snowplow object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| idl object| teads_analytics string| bcHostname object| pArray function| adiGetLotameValue number| times function| waitFor object| lotameSegments object| atsScript boolean| isOriginalIDL undefined| revgenDebug string| bcAffiliateProp string| logStyle function| handleProfileProperties function| debouncedHandleProfileProperties function| loadValuesFromBlueConic function| debounce function| storeIDLInfo function| setOriginalIDL function| retry function| retryGetProfileProps function| emitIDLInfo function| retryEmitIDLInfo function| setLiveRampsIDL function| waitForBcPageView function| waitForATS function| waitForAuth0 function| waitForWall function| waitForBC function| pathValue object| IDLExists object| isIDLReportingPending object| isProfileUpdatePending object| atsPromise object| profilePromise object| loginAuth0Promise object| emailWallPromise object| pianoScript string| GoogleAnalyticsObject function| ga object| PARSELY object| ntv undefined| debug function| removeHash function| debugLog function| backfillNativo object| clientScript object| _comscore function| rdt function| fbq function| _fbq string| meterContentType function| kwa object| se object| fs function| twq object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| scrEm function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression function| lotameIsCompatible function| lt965_ba function| lt965_b undefined| lt965_c undefined| lt965_ca undefined| lt965_da function| lt965_ea object| lt965_e function| lt965_fa function| lt965_g function| lt965_ha object| lt965_ object| lt965_na object| lt965_oa object| lt965_Na object| lt965_Xa object| lt965_Ya object| lt965_7 function| lt965_aa function| lt965_a function| lt965_d function| lt965_f function| lt965_h function| lt965_ga function| lt965_ia function| lt965_i function| lt965_ja function| lt965_j function| lt965_k function| lt965_l function| lt965_m function| lt965_n function| lt965_la function| lt965_ka function| lt965_o function| lt965_p function| lt965_ma function| lt965_q function| lt965_r function| lt965_s function| lt965_t function| lt965_u function| lt965_sa function| lt965_pa function| lt965_qa function| lt965_w function| lt965_ra function| lt965_x function| lt965_y function| lt965_z function| lt965_A function| lt965_v function| lt965_B function| lt965_C function| lt965_ta function| lt965_D function| lt965_E function| lt965_ua function| lt965_F function| lt965_G function| lt965_va function| lt965_H function| lt965_I function| lt965_J function| lt965_L function| lt965_M function| lt965_N function| lt965_K function| lt965_wa function| lt965_xa function| lt965_O function| lt965_ya function| lt965_za function| lt965_Aa function| lt965_Ba function| lt965_Ca function| lt965_Da function| lt965_Ea function| lt965_Ia function| lt965_Fa function| lt965_Ga function| lt965_Ha function| lt965_Ja function| lt965_La function| lt965_Ka function| lt965_Ma function| lt965_P function| lt965_Oa function| lt965_Pa function| lt965_Qa function| lt965_Ra function| lt965_Sa function| lt965_Ta function| lt965_Ua function| lt965_Va function| lt965_Wa function| lt965_Q function| lt965_Za function| lt965__a function| lt965_0a function| lt965_R function| lt965_S function| lt965_1a function| lt965_T function| lt965_U function| lt965_2a function| lt965_3a function| lt965_4a function| lt965_V function| lt965_W function| lt965_X function| lt965_Y function| lt965_5a function| lt965_8a function| lt965_7a function| lt965_6a function| lt965_Z function| lt965__ function| lt965_0 function| lt965_1 function| lt965_4 function| lt965_$a function| lt965_bb function| lt965_ab function| lt965_db function| lt965_cb function| lt965_2 function| lt965_fb function| lt965_hb function| lt965_gb function| lt965_3 function| lt965_9a function| lt965_eb function| lt965_ib function| lt965_jb function| lt965_kb function| lt965_lb function| lt965_5 function| lt965_6 function| lt965_mb function| lt965_nb function| lt965_ob function| lt965_pb function| lt965_qb function| lt965_rb function| lt965_sb function| lt965_tb function| lt965_ub function| lt965_vb function| lt965_8 function| lt965_yb function| lt965_zb function| lt965_xb function| lt965_wb function| lt965_Bb function| lt965_Ab function| lt965_Db function| lt965_Cb function| lt965_Eb function| lt965_Fb function| lt965_Gb function| lt965_Hb function| lt965_Ib function| lt965_Jb function| lt965_Lb function| lt965_Ob function| lt965_Nb function| lt965_Kb function| lt965_Rb function| lt965_Mb function| lt965_Pb function| lt965_Tb function| lt965_Sb function| lt965_Ub function| lt965_Qb function| lt965_Vb function| lt965_Wb function| lt965_Xb function| lt965_9 function| lt965_Yb function| lt965_Zb function| lt965__b function| lt965_0b function| lt965_1b function| lt965_$ function| lt965_2b function| lt965_3b function| lt965_4b function| lt965_5b function| lt965_6b function| lt965_7b function| lt965_8b function| lt965_9b function| lt965_ac function| lt965_bc function| lt965_cc function| lt965_$b object| __otccpaooLocation object| _aps boolean| apstagLOADED object| apscustom function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue object| TRC object| taboolaEvents object| _tblConsole number| trc_debug_level object| TRCImpl undefined| __startEngine boolean| __tblTrecsInit function| __trcDebug function| __trcError function| __trcInfo function| __trcWarn string| pm_pgtp string| OnetrustActiveGroups string| OptanonActiveGroups function| __gpp object| otStubData object| lotame_sync_16576 object| blueConicPreListeners function| BCClass object| blueConicClient object| pbjsChunk object| _pbjsGlobals object| mnet object| liQ_instances object| default_gsi object| google object| closure_lm_519476 object| __G_ID_CLIENT__ object| atsenvelopemodule object| fbcapimodule object| ats function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_na object| sync16576_wa object| sync16576_xa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_J function| sync16576_la function| sync16576_ma function| sync16576_N function| sync16576_O function| sync16576_oa function| sync16576_P function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_Q function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_R function| sync16576_S function| sync16576_ya function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_za function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Da function| sync16576_Aa function| sync16576_1 function| sync16576_Ca function| sync16576_Ba function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ia function| sync16576_Ea function| sync16576_7 function| sync16576_Ha function| sync16576_Ka function| sync16576_Ja function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_$ function| sync16576_Pa function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| currentSegments object| segmentWhiteList object| filteredSegments object| filteredAudGov object| filteredAudIndividual object| filteredAudVoter object| filteredAudMVD object| filteredAudMayoral object| filteredAudMidterm2022 undefined| google_measure_js_timing number| google_unique_id object| otIabModule object| Optanon object| OneTrust function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam string| trc_article_id string| trc_item_url string| trc_map_url object| trc number| taboola_view_id function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 number| BOOMR_configt object| COMSCORE object| ns_p object| gaplugins undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedadvanceddigitalheader640552616592 object| SUBSCRIPTIONS object| twttr object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| Sailthru function| lintrk string| nam object| placementData undefined| nQuery number| ntvLoadStart object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| _mather number| _zid object| _matherq object| tid function| _33AcrossIdMappingsProvider object| trx function| md5 object| GlobalSnowplowNamespace function| snowplowKW object| _33across function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion function| ___tp object| ox_esp object| ID5 object| __id5_instances function| isAnExcludedLink object| PublisherCommonId function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| signal_decrypted object| bc_json1072 object| _pmk function| TBWidgetFacebook function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| pi object| _pm_mcg object| image string| url string| ptitle object| gaData object| cmTag object| __uid2SecureSignalProvider object| __uid2 object| _cm_wfCounters string| lastWfUrl function| $ function| RuleService object| _bcp function| BlueConicEngagement object| justDetectAdblock object| bcConnectionUtil function| BlueConicDataLayerUtility string| _contentURL string| _title object| bcSegmentsArray number| bcchunkSize number| num string| chunkString object| bcGASegment string| bcGASegmentName undefined| dcrSegmentsMI object| bc_json1073 function| webpackHotUpdate function| startCMTagMain string| category function| OvaMediaPlayer object| PianoESPConfig object| tbopt number| BOOMR_onload object| GoogleGcLKhOms

235 Cookies

Domain/Path Name / Value
.taboola.com/advance-oregon/ Name: taboola_session_id
Value: v2_e780921c3729fbeefa438098fd7f1e99_03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c_1692335036_1692335036_CNawjgYQrf0-GImtnbigMSABKAEw4QE4kaQOQNWmD0jX7NwDUKsEWABgAGjxg5HW9JH9uAVwAQ
a051.oregonlive.com/DG/DEFAULT Name: BCSessionID
Value: fd19278e-918a-4958-b72b-880844952999
advancelocal.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: fd19278e-918a-4958-b72b-880844952999
.oregonlive.com/ Name: sophiTagses.32f5
Value: *
.oregonlive.com/ Name: sophiTagid.32f5
Value: 7b3ef3e4-2e61-41f4-8176-840e5638f711.1755495234329.1.1692335034.1755495234329.05cb294c-a664-4ca9-8128-44cb9ff443e7
.oregonlive.com/ Name: _sp_duid
Value: 7b3ef3e4-2e61-41f4-8176-840e5638f711
.oregonlive.com/ Name: _gcl_au
Value: 1.1.668963677.1692335035
.oregonlive.com/ Name: utag_vnum
Value: 1694927034856&vn=1
.oregonlive.com/ Name: utag_invisit
Value: true
.oregonlive.com/ Name: utag_dslv_s
Value: Less than 1 day
cdn.taboola.com/ Name: abLdr
Value: 25
.oregonlive.com/ Name: _cc_id
Value: 4d9a01da34958f70238a20be8a904041
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_domain
Value: .cc.oregonlive.com
.crwdcntrl.net/ Name: _cc_id
Value: 4d9a01da34958f70238a20be8a904041
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEmxTDQwTEk0NrE0tUgzNzAytkg0MkhKtUi0NDAxMDFkAIKUe793g2gI4F%2FU3czJeJSd4T8jI8O%2FGe1KMPb%2FBz0sMPadawj2nFcfdWHil049YoOxzx09xAxj%2F9g4Ba53977LAjDxDw334ezDi%2BfA1bxbgmCfPqkOU75oyy5DGPvT5hdwawERyEhx"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIufd7N5CCACYGBiV2MFPRH0gAAFIfA5Q%3D"
.oregonlive.com/ Name: _cc_cc
Value: ACZ4XmNQMEmxTDQwTEk0NrE0tUgzNzAytkg0MkhKtUi0NDAxMDFkAIKUe793g2gI4F%2FU3czJeJSd4T8jI8O%2FGe1KMPb%2FBz0sMPadawj2nFcfdWHil049YoOxzx09xAxj%2F9g4Ba53977LAjDxDw334ezDi%2BfA1bxbgmCfPqkOU75oyy5DGPvT5hdwawERyEhx
.oregonlive.com/ Name: _cc_aud
Value: ABR4XmNgYGBIufd7N5CCACYGBiV2MFPRH0gAAFIfA5Q%3D
.oregonlive.com/ Name: panoramaId_expiry
Value: 1692939835386
.oregonlive.com/ Name: panoramaId
Value: 081c00a15d0180ed94e248888e4916d53938e9716699b50234e936fa923fae2a
.oregonlive.com/ Name: panoramaIdType
Value: panoIndiv
www.oregonlive.com/ Name: last_visit_bc
Value: 1692335035608
www.oregonlive.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.oregonlive.com/ Name: _li_dcdm_c
Value: .oregonlive.com
.oregonlive.com/ Name: _lc2_fpi
Value: 4ba582fb2221--01h83gen8xktc15tdqmhqd5kny
.oregonlive.com/ Name: pbjs_pubcommonID
Value: d25bbde6-9cd0-4d60-ba6e-eb63292e1da0
www.oregonlive.com/ Name: authsource_origin
Value: false
.oregonlive.com/ Name: OTGPPConsent
Value: DBABLA~BVQqAAAACgA.QA
www.oregonlive.com/ Name: usprivacy
Value: 1---
www.oregonlive.com/ Name: _tfpvi
Value: NzYyYTc2MTQtODg1OS00MTIxLTgxOGUtMDg4YjI1NWMxZTA2IzEtOA%3D%3D
.oregonlive.com/ Name: _awl
Value: 2.1692335036.5-88c9a400b9005a9167b8b249b02acc64-6763652d617369612d6561737431-0
.oregonlive.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Aug+18+2023+13%3A03%3A56+GMT%2B0800+(Australian+Western+Standard+Time)&version=202307.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.oregonlive.com%2Fnews%2F2020%2F01%2Fcomputers-still-down-in-oregon-county-hit-by-cyberattack.html&GPPCookiesCount=1&groups=1912%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1%2CC0003%3A1
.oregonlive.com/ Name: __gads
Value: ID=fabd93a9ae838625:T=1692335036:RT=1692335036:S=ALNI_Mbp2_jo7kH0WASVH9oxJJVNA8yqxg
.oregonlive.com/ Name: __gpi
Value: UID=00000c2e31194702:T=1692335036:RT=1692335036:S=ALNI_MbJqFZN7yREljxQspT74V5V5s_kow
.ml314.com/ Name: pi
Value: 3637882567607189508
www.oregonlive.com/ Name: _lr_geo_location_state
Value: NSW
www.oregonlive.com/ Name: _lr_geo_location
Value: AU
.scorecardresearch.com/ Name: UID
Value: 1522c082ac64351de8d98bf1692335036
.oregonlive.com/ Name: _rdt_uuid
Value: 1692335036686.e055f00a-46e6-40b3-903c-dabcdff0f676
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 551EE106-756F-4E51-B29D-5D3D95B38A23
.postrelease.com/ Name: visitor
Value: 41a191d8-5ae5-4a33-94c3-903e4621595e
.postrelease.com/ Name: status
Value: 1
.bluekai.com/ Name: bku
Value: Whz99npflZHPgSQy
www.oregonlive.com/ Name: sailthru_pageviews
Value: 1
.taboola.com/ Name: t_gid
Value: 03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c
www.oregonlive.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c
www.oregonlive.com/ Name: ntv_as_us_privacy
Value: 1---
.oregonlive.com/ Name: _ml_ses
Value: *
.thrtle.com/ Name: mc
Value: eyJpZCI6IjhmMGNiNDUyLTk0NWItNDYzNS05MjBhLWEwMGU2ZTVkZGFhOCIsImwiOjE2OTIzMzUwMzcwNTEsInQiOjF9
.oregonlive.com/ Name: kw.session_ts
Value: 1692335037300
.oregonlive.com/ Name: kw.pv_session
Value: 1
.liadm.com/ Name: lidid
Value: ddb36995-71ec-4c86-adec-1b55b9b2e327
.postrelease.com/ Name: ver
Value: 1
www.oregonlive.com/ Name: ntvSession
Value: {"id":3608894,"placementID":1095377,"lastInteraction":1692335037411,"sessionStart":1692335037411,"sessionEndDate":1692374400000,"experiment":""}
www.oregonlive.com/ Name: _ntv_uid
Value: 41a191d8-5ae5-4a33-94c3-903e4621595e
.oregonlive.com/ Name: _sp_ses.e142
Value: *
.oregonlive.com/ Name: _sp_id.e142
Value: 41e64ae9-ddd0-43d4-8518-606a3c601131.1692335038.1.1692335038.1692335038.45cb4b4a-9427-4dde-8e1a-740180713e93
www.oregonlive.com/ Name: ln_or
Value: eyIzMjUyMzc4IjoiZCJ9
.doubleclick.net/ Name: IDE
Value: AHWqTUm060UEhOP1k4hQL30Fl5cWvuam8m1_O8dIm3g01HRcWreHKfpKL83uxQPu9p8
.openx.net/ Name: i
Value: d62ff140-5b77-45b3-8983-bff1692756e2|1692335037
.oregonlive.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.oregonlive.com/news/2020/01/computers-still-down-in-oregon-county-hit-by-cyberattack.html%22%2C%22sref%22:%22%22%2C%22sts%22:1692335038008%2C%22slts%22:0}
.oregonlive.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=d8065c50c6270700dcc030dc64edf27a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1692335038008}
.oregonlive.com/ Name: _fbp
Value: fb.1.1692335038030.1551754179
.oregonlive.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.oregonlive.com/ Name: _ga
Value: GA1.2.858605516.1692335035
.oregonlive.com/ Name: _gid
Value: GA1.2.1376214605.1692335038
.oregonlive.com/ Name: _gat_UA-16643585-5
Value: 1
www.oregonlive.com/ Name: sailthru_content
Value: 89e0e07a5de54d39b6c4e4b560ddbfa5
www.oregonlive.com/ Name: sailthru_visitor
Value: 4ae79e9d-8099-4ce2-9574-ef151cc00c1a
.t.co/ Name: muc_ads
Value: d2b6f750-1469-453a-853b-ede0e63c4204
.amazon-adsystem.com/ Name: ad-id
Value: A8P83CU2fkNwgvVYo3WF1PU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.twitter.com/ Name: guest_id_marketing
Value: v1%3A169233503806780484
.twitter.com/ Name: guest_id_ads
Value: v1%3A169233503806780484
.twitter.com/ Name: personalization_id
Value: "v1_3f3dMTo4Hr0RYncqTo5lNw=="
.twitter.com/ Name: guest_id
Value: v1%3A169233503806780484
.linkedin.com/ Name: li_sugr
Value: 5eab7dc7-5aee-495b-ade0-2886c02582ed
.linkedin.com/ Name: bcookie
Value: "v=2&08ef07ac-fb7b-408f-849d-0aa3f8094ca2"
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2696:u=1:x=1:i=1692335038:t=1692421438:v=2:sig=AQG2E-HkZbHBXilKCtfr3PGA24Zfh_g4"
.openx.net/ Name: pd
Value: v2|1692335038|jElYiuvOhI
.smartadserver.com/ Name: pid
Value: 4530681814726889376
.linkedin.com/ Name: UserMatchHistory
Value: AQIo_2rlwhU-wQAAAYoHB2CWgYUXYbSFx74fe0TDgneaYlcKLZHzAhL1B0Wz7R8i4ya3aeAzDnXa8g
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJYxbhVbCZzUQAAAYoHB2CWUTZJGtDQKO0hY95PFp_ZQtlHwinzINA-M6iWL24rhUq1XnNdrD9ixkvZOx4ozg
.socdm.com/ Name: SOC
Value: ZN77vsCo8YkAAOVljagAAAAA
.adsrvr.org/ Name: TDID
Value: 8b999cfa-351b-4b8b-9198-9c822931a478
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230818050358e13fd01a-6da1-44d8-8a23-b8e3ba19bbdbAQFJSgHAHKxTnsqizOYRYX_3FwBO4x8o"
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjkyMzM1MDM5fQ
.adnxs.com/ Name: uuid2
Value: 7863576873242556398
.rubiconproject.com/ Name: khaos
Value: LLG4L5CG-H-2N2O
.yahoo.com/ Name: A3
Value: d=AQABBL_73mQCEJkYn7042XraujTF9I5l1zAFEgEBAQFN4GToZNwu0iMA_eMAAA&S=AQAAAu4ZJfMEn4ymc8ZEI8lXXXQ
.openx.net/ Name: univ_id
Value: 537072971|03fe9b01-43dc-4fda-ad2d-91fffd659144|1692335039132562
.ladsp.com/ Name: cr
Value: 1
.lijit.com/ Name: ljt_reader
Value: HK3PCQZHXnXF9NZ_SEyDRNsl
.ladsp.com/ Name: smn_uid
Value: Z7x-UBBFpVkz0yu2qB_7Pg-yJf-CMD4
.ladsp.com/ Name: lum
Value: CPvHnbigMRIFCAMQ0AU
.contextweb.com/ Name: V
Value: oHUxQ8S7vp57
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: de59d89ef36a2b22
www.oregonlive.com/ Name: BCSessionID
Value: fd19278e-918a-4958-b72b-880844952999
.smartadserver.com/ Name: csync
Value: 107:03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-8b999cfa-351b-4b8b-9198-9c822931a478&KRTB&22918-8b999cfa-351b-4b8b-9198-9c822931a478&KRTB&23031-8b999cfa-351b-4b8b-9198-9c822931a478
.lijit.com/ Name: _ljtrtb_42
Value: 03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c
.criteo.com/ Name: uid
Value: 00ba0101-218e-463a-b0f2-54fd1550533a
.3lift.com/ Name: tluid
Value: 4559900598254341168894
.tapad.com/ Name: TapAd_TS
Value: 1692335039806
.tapad.com/ Name: TapAd_DID
Value: 3642a27d-858e-4c26-b54a-6e8c703ac9d3
.bidswitch.net/ Name: c
Value: 1692335039
advancelocal.blueconic.net/ Name: AWSALBCORS
Value: fEjR2H/512JrTmo/r4RV9wMj0wxc3hlrqgWhYrjtgnaFRUxImsK/2ImXP+Qqp8JKm3epUcXb2cxUeWtukdl0KXN61rGGzcAuvZZxPQIj4ZS2SuduBcL22Lemvz6X
.oregonlive.com/ Name: utag_vs
Value: 5
.oregonlive.com/ Name: utag_dslv
Value: 1692335040037
.oregonlive.com/ Name: _ga_PWR1T65GXN
Value: GS1.1.1692335035.1.0.1692335040.0.0.0
www.oregonlive.com/ Name: _lr_sampling_rate
Value: 100
.doubleclick.net/ Name: DSID
Value: NO_DATA
.simpli.fi/ Name: suid
Value: F0A81E0D1BBC488EBBC038DE7AB08D2B
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJ-16_erUMgiz3hKaz0y4_k&KRTB&23025-CAESEJ-16_erUMgiz3hKaz0y4_k&KRTB&23386-CAESEJ-16_erUMgiz3hKaz0y4_k
.bidswitch.net/ Name: tuuid_lu
Value: 1692335040
.bidswitch.net/ Name: tuuid
Value: 85d455f1-a9cd-401c-b4a8-2f85f780b33b
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:F0A81E0D1BBC488EBBC038DE7AB08D2B&KRTB&23489-uid:F0A81E0D1BBC488EBBC038DE7AB08D2B
.adx.opera.com/ Name: UID
Value: OPUc166af47755d431da875e2ed02f2fa1f
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5525
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4f924675-93a1-596c-7da8-efeb2dbc1690.8S6NTx51zXfmrng2kA7Gz1FHLMWcmx3RD44TlEbytLo
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4f924675-93a1-596c-7da8-efeb2dbc1690.8S6NTx51zXfmrng2kA7Gz1FHLMWcmx3RD44TlEbytLo
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AT5JGdZOhWWx9qO_rLbwWkELLcKE.aLAJ5k7N9KWx0YwG8MGLGFm8427KGOqlyLZu7oHttao
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AT5JGdZOhWWx9qO_rLbwWkELLcKE.aLAJ5k7N9KWx0YwG8MGLGFm8427KGOqlyLZu7oHttao
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILovhLiGAgKAdc7qBYyU4ubRjw4vi41nWfuYi8SK06g0EHwYBCDA9_umBjABOgTa3nmDQgQH8iER.mz5VCYQQK23dw82dCyBYA1fp%2F9kzPrzNh6XOBoeb%2BDY
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILovhLiGAgKAdc7qBYyU4ubRjw4vi41nWfuYi8SK06g0EHwYBCDA9_umBjABOgTa3nmDQgQH8iER.mz5VCYQQK23dw82dCyBYA1fp%2F9kzPrzNh6XOBoeb%2BDY
.google.com/ Name: NID
Value: 511=akgjOgo95XlEC4PX9l1gQmc9VKMF4LQCFb9QTwjZSqIS9t0b3ilMSME55MQdF-N6fNivV8B8X8vyk3uzbVO-vtCMG0rIEdzKoki5rp1p74X4Qv9C78uvTs3WGgE3Mliv6soh2PmN7-p4k5jhyt6O6kjYglYRH8ozoF2kNQPJAlg
.sitescout.com/ Name: ssi
Value: e4314d07-0d11-48d6-99a3-aa5b810dead3#1692335040544
.mfadsrvr.com/ Name: tuuid
Value: b891cd1a-f4d0-4056-8fe1-6a338fe37346
.mfadsrvr.com/ Name: c
Value: 1692335040
.mfadsrvr.com/ Name: tuuid_lu
Value: 1692335040
.sitescout.com/ Name: _ssuma
Value: eyI3NyI6MTY5MjMzNTA0MDg3OX0
.oregonlive.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22llg4l41ay6vccpo8%22%7D
.oregonlive.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
a051.oregonlive.com/ Name: AWSALB
Value: BMFyp1aK2z1YIK93NSf/J5h0V4IJvUpu9Zp//R5cnxWT2f9kcuthU51sBCBjM37S35mHQGnyp3/U9vsv66q8Y+QETkeWXVJInKaSYQZ43ZSixCv4PYsO25ZzGTik
a051.oregonlive.com/ Name: AWSALBCORS
Value: BMFyp1aK2z1YIK93NSf/J5h0V4IJvUpu9Zp//R5cnxWT2f9kcuthU51sBCBjM37S35mHQGnyp3/U9vsv66q8Y+QETkeWXVJInKaSYQZ43ZSixCv4PYsO25ZzGTik
.id5-sync.com/ Name: callback
Value:
.admixer.net/ Name: am-uid
Value: 542863e733184c42bdcf045574989afa
.nrich.ai/ Name: _nauid
Value: 7edfd391-d5a6-42c6-90bb-c48894b916f4
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-85d455f1-a9cd-401c-b4a8-2f85f780b33b
.piano.io/ Name: __cf_bm
Value: qGiIy0iqPMRoqpit9QAy0agLxg7JwgDLy0ussU6Bnao-1692335042-0-AXESk5QtZ9n7mip9mPsLU23nSlBSsEJF036CNSglykePLr5ckHeQMWYpJx96wS93vOEwMMJznwjxwHY9+8nU158=
www.oregonlive.com/ Name: _lr_retry_request
Value: true
www.oregonlive.com/ Name: _lr_env_src_ats
Value: false
.oregonlive.com/ Name: __tbc
Value: %7Bkpex%7DO7gM28_j5dAdxYkz0cefPiAO-sGCbp8qlh8wE36aoizgw9AgvQEGpkWwkoeI4d0y
.oregonlive.com/ Name: __pat
Value: -14400000
.oregonlive.com/ Name: __pvi
Value: eyJpZCI6InYtMjAyMy0wOC0xOC0xMy0wMy01Ny0zNjctV0tIRjRBdkh5ZkY0TVNjRS1iYjgyZGExYWUwZjkwODQzODZjZDQ4NTcyYzEwZTI5NSIsImRvbWFpbiI6Ii5vcmVnb25saXZlLmNvbSIsInRpbWUiOjE2OTIzMzUwNDIxMjF9
.oregonlive.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.oregonlive.com/ Name: xbc
Value: %7Bkpex%7Doo4OG9i2nMBBqU-Wg0mNwSE0JbVafgNim2x3CxR2cdnbA8_xTJKY90cBhIyv-gX-Q9jYjh2sKN_NTS0mKUXMsouW0xCjpFTLYOzMU147MWASvloyc_zrjZPIPgMY9dLhrRgP1J-PDfVF5eJyXrQw-YPc11X9YAdwSZzV4XgFwrlN7AvG7dnoGdRrabw334wqc31NSW-J9_ZAQWC5ADYwpBDBTdk3ui7O8B2oWtDIRD7817BA7W7qrVC5YNIxm3Zqj94VM0q-eS8rtpAEWuf7QpGDrd5j67sloZZh55fM40rV-fJJsYpEunap0ISkHpy3Ygz3SvIYYyu6AYOAzInMG7g5VgahoWKNQgPFTnzm5tvKp9L0Kh05FE-ZHbWbLMs6T39MSu3xFTgKrYvIfJQoBXpn3sFoeUwFVzHi5LEv30eUXk69Ej-OhXJehqk1KAnheJUJnobMoHfhRS0BcowJf3HUw4m_9I77Ut9Vo9GoZojhDPRe5BiVw7X4zLXOQ778-LskccpaOP3bdHD1rANwU_Djqxyx1vCo53vwmaVLJ45BmznQ949ZBsALm-rDT4yB15sjGX7u0hqdBeLLqaQQJT6enBX-07R25DjqwyXHbZLqeT5G3e8aYf8GJyZNUePothdIMKWFk2f53SgGQEVAOod8RLPsDe6RQR8qwZnTB1c-HkflYozURmfu5f5rp9dLtMjX9iZAAYbW_Kia_8aj7QN7DWFSo5Crn5vB9QlIiDcfQowyjVmtSKvzktRF_Wq2KNXnhurIrIfZWcoZKxctdt8JjKx9Otl5J69ZyBia-yLXhwWgejae4SMX8AEId-YTV9VfsqWYpQTH0YxNAO26VDJHf7Zuq9h-aIQnnllCgtgamQtLj7AVQlFbNITSEzAu1jcLyzqp-aH-ndy9M8VKdbpafzzdqaqshDIG5eX1VedfmROdewhXAyoaP0Qf256YuhakwgsMveIHhj2T8eS55a9J3YutqoY2ghpyn8iXudzFxXSgU_JX5KOC4Xqs5Mz2-XIkHsKMT2Rk64FBcvdQ8o2lKNoA36PDpt6TvrsWD0dRslEO9U2FsaqTyFOjuC0VbS1ENsY_tk5GFiBJ_-5Qx4O-TfCG7oST-8u_bphz9Flq-MAPCyJvAC1PIu9MeTF4dzsw5hB3vG_ke6p1whZpu9jWcjX2uDgTv93i1jaXC5Qh6imeLorQqcZfwdswwOLgD1w9-47elR2q8YjJahJ16wwg1YiC3WU-Yq9O6F-irjI
.www.oregonlive.com/ Name: _pc_sup_support_acq-sup1
Value: 10
.semasio.net/ Name: SEUNCY
Value: 934F23FD2378EBFB
.googleadservices.com/ Name: ar_debug
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1693526400%3A201_245_226_197%7C1692403200%3A248%7C1692921600%3A164
.analytics.yahoo.com/ Name: IDSYNC
Value: "19cx~2det:18z8~2det"
.rlcdn.com/ Name: pxrc
Value: CML3+6YGEgYIuOsBEAA=
.ads.stickyadstv.com/ Name: UID
Value: 42e4c623bb801e1484f732704e29e096
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7863576873242556398&KRTB&23339-7863576873242556398
.oregonlive.com/ Name: __li_idex_cache_e30
Value: %7B%7D
www.oregonlive.com/ Name: pbjs_li_nonid
Value: %7B%7D
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-T5JGdZOhWWx9qO_rLbwWkELLcKE&KRTB&23334-T5JGdZOhWWx9qO_rLbwWkELLcKE&KRTB&23417-T5JGdZOhWWx9qO_rLbwWkELLcKE&KRTB&23426-T5JGdZOhWWx9qO_rLbwWkELLcKE
.casalemedia.com/ Name: CMID
Value: ZN77wm-kt8ryulzCHlnBYwAA
.casalemedia.com/ Name: CMPS
Value: 4715
.casalemedia.com/ Name: CMPRO
Value: 4715
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.mathtag.com/ Name: uuid
Value: 37a564de-fbc3-4a00-9e7e-2bfe50407375
.gammaplatform.com/ Name: _aGeoIp
Value: MX|Mexico_City
.gammaplatform.com/ Name: _aUID
Value: afej6twsv6tr
.ambientdsp.com/ Name: _aUID
Value: 118o1bwworz4
.adform.net/ Name: C
Value: 1
.pippio.com/ Name: did
Value: iekAZ82UZ51ABHzS
.pippio.com/ Name: didts
Value: 1692335043
.pippio.com/ Name: nnls
Value:
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-afej6twsv6tr&KRTB&23446-afej6twsv6tr&KRTB&23465-afej6twsv6tr
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-118o1bwworz4
.quantserve.com/ Name: mc
Value: 64defbc3-54f44-17ca6-ebc59
.adform.net/ Name: uid
Value: 1908309046779791046
.media.net/ Name: visitor-id
Value: 3353366432889778000V10
.turn.com/ Name: uid
Value: 3716523809623638564
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-MgzvSGJa6B4pDb9LMAymHDNb6hspXelOMQHlTC5E&KRTB&19420-MgzvSGJa6B4pDb9LMAymHDNb6hspXelOMQHlTC5E&KRTB&22979-MgzvSGJa6B4pDb9LMAymHDNb6hspXelOMQHlTC5E&KRTB&23403-MgzvSGJa6B4pDb9LMAymHDNb6hspXelOMQHlTC5E
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZN77wwAJZreGIgAN
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3716523809623638564&KRTB&23150-3716523809623638564
.pippio.com/ Name: pxrc
Value: CMP3+6YGEgQIAhAAEgYI7OsBEAA=
.mfadsrvr.com/ Name: ssh
Value: !medianet,1692335043!taboola,1692335040
.id5-sync.com/ Name: id5
Value: 20ed9d8a-e4ac-782f-8bf5-e5d2c757b0a1#1692335039745#4
.quantserve.com/ Name: d
Value: EJABEgHeKfijD9r7EA
.media.net/ Name: data-c
Value: 00ba0101-218e-463a-b0f2-54fd1550533a~~1
.media.net/ Name: data-c-ts
Value: 1692335043
.media.net/ Name: data-mf
Value: b891cd1a-f4d0-4056-8fe1-6a338fe37346~~1
.linksynergy.com/ Name: rmuid
Value: a0a6e585-e542-4f7b-8599-bf6bda753f75
.linksynergy.com/ Name: icts
Value: 2023-08-18T05:04:04Z
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzcxNjKwNDY2tzA0sjAwNRfiM9QtDcxJTnJ1ycg29Y0EADCXsv8lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzcxNjKwNDY2tzA0sjAwNRfiM9QtDcxJTnJ1ycg29Y0EADCXsv8lAAAA
.w55c.net/ Name: wfivefivec
Value: EPncLZo91QwREw5
.csync.loopme.me/ Name: viewer_token
Value: f3a24a65-2fb7-4df6-8a6e-a73cc0302135
.media.net/ Name: data-bs
Value: 85d455f1-a9cd-401c-b4a8-2f85f780b33b~~1
.rlcdn.com/ Name: rlas3
Value: dNc6jbcXoa9y9zWh5oLBXNPTZksCUKRNdTcWE8Irhmk=
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-rk
Value: 1977432093378128057~~8
.creativecdn.com/ Name: u
Value: kbhJOymLa2OtKuhbL3so
.creativecdn.com/ Name: ts
Value: 1692335044
.zemanta.com/ Name: zuid
Value: 53I2OPE7Joc9Vv-EHxBm
.media.net/ Name: data-ttd
Value: 8b999cfa-351b-4b8b-9198-9c822931a478~~1
.media.net/ Name: data-g
Value: CAESEG-HGEgg_t0nFKFow_rQB3I~~8
.media.net/ Name: data-xu
Value: EPncLZo91QwREw5~~8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-bf7e7654-3a31-4510-adb4-9e67b63e59de-004%22%7D
.ads.stickyadstv.com/ Name: pxId
Value: 1425
.media.net/ Name: data-rbh
Value: kbhJOymLa2OtKuhbL3so~~1
.media.net/ Name: data-co
Value: AAAJrVUv6KOD8QM6wH7KAAAAAAA~~8
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 159879:4
.pubmatic.com/ Name: SyncRTB3
Value: 1692921600%3A2_15_223%7C1693180800%3A63%7C1693612800%3A35%7C1693526400%3A56_254_214_21_233_209_264_3_96_8_71_220_247_22_107_13_54
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-bf7e7654-3a31-4510-adb4-9e67b63e59de-004%22%7D
.rubiconproject.com/ Name: audit
Value: 1|4uTvZtGYmXp8zFS9nMxJLzJU3RnXR7mhfqJNygy0XwD6DZ3dTM5nwcLGB+hVrX9wanhtMiDE2f5CqQ3+tQhlLHMDvubSxZCGZ60cWpGl5GR/GuxdKCOxK0p6V9Sqzm2l/Vtt7hKIOSQ=
.media.net/ Name: data-r1
Value: RX-bf7e7654-3a31-4510-adb4-9e67b63e59de-004~~8
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1908309046779791046&KRTB&23263-1908309046779791046&KRTB&23481-1908309046779791046
.ctnsnet.com/ Name: cid_57005a7695b446b5853cb83e8d4b03e1
Value: 1
.ctnsnet.com/ Name: cid_7665fa5896fc4041a02edd47b9750c21
Value: 1
.pubmatic.com/ Name: PugT
Value: 1692335046
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAJrVUv6KOElwMjFL35AAAAAAA&KRTB&22713-AAAJrVUv6KOElwMjFL35AAAAAAA&KRTB&22715-AAAJrVUv6KOElwMjFL35AAAAAAA
.c.appier.net/ Name: _auid
Value: yozjjDr8BI6V_7FNxvveZA
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-7665fa5896fc4041a02edd47b9750c21&KRTB&23328-7665fa5896fc4041a02edd47b9750c21&KRTB&23427-7665fa5896fc4041a02edd47b9750c21&KRTB&23445-7665fa5896fc4041a02edd47b9750c21
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-yozjjDr8BI6V_7FNxvveZA
.dotomi.com/ Name: DotomiTest
Value: 2141ce61f1162281
.fwmrm.net/ Name: _uid
Value: "w8a9c_7268523676445433364"
.id5-sync.com/ Name: 3pi
Value: 464#1692335040253#-2004026333#03c40802-bf26-4dca-babc-6267fa98b8c5-tuctbd8813c|112#1692335042352#-964804890#934F23FD2378EBFB|2#1692335044476#-1404652658#7863576873242556398|3#1692335043322#1293669950#37a564de-fbc3-4a00-9e7e-2bfe50407375|822#1692335046913#277734240|264#1692335044939#1692711482#8b999cfa-351b-4b8b-9198-9c822931a478|10#1692335045522#-2130688458#1908309046779791046|108#1692335043924#-419109010|285#1692335046077#-1614469647#LLG4L5CG-H-2N2O
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.oregonlive.com/ Name: _ml_id
Value: b6882e90c4294ffd.1692335037.1.1692335047.1692335037
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwj6z9aL0uyPPBAFEhYKB3J1Ymljb24SCwja0r-P0uyPPBAFEhQKBXRhcGFkEgsIsJWXk9LsjzwQBRIVCgZjYXNhbGUSCwjA0NCv0uyPPBAFGAEgASgCMgsIur2YgensjzwQBTgBWglzdGlja3lhZHNgAg..
.pubmatic.com/ Name: SPugT
Value: 1692335047
.bidr.io/ Name: bito
Value: AAEUCU7JvfgAACRKRN-VbQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.www.oregonlive.com/ Name: RT
Value: "z=1&dm=www.oregonlive.com&si=90835bce-2a33-4f6c-8337-d5337ba83b18&ss=llg4kyki&sl=1&tt=iu7&rl=1&ld=iu8"

6 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error URL: https://234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/18337494240101138432/index.html".
network error URL: https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

234794022749f960a58f52c6b5002407.safeframe.googlesyndication.com
a.teads.tv
a051.oregonlive.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
advancelocal.blueconic.net
ak.sail-horizon.com
alb.reddit.com
ampcid.google.com
ampcid.google.com.au
analytics.twitter.com
api-v3.tinypass.com
api.rlcdn.com
api.sail-personalize.com
app.matheranalytics.com
apps.sophi.io
assoc-na.associates-amazon.com
at.teads.tv
ats-wrapper.privacymanager.io
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
c21lg-d.media.net
cdn-ima.33across.com
cdn-magiclinks.trackonomics.net
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.keywee.co
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.prod.uidapi.com
cdn.sophi.io
cdn.stickyadstv.com
cdn.taboola.com
cdn.tinypass.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
ch-match.taboola.com
ch-trc-events.taboola.com
ch-vid-events.taboola.com
ch-wf.taboola.com
check.analytics.rlcdn.com
cm-supply-web.gammaplatform.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
cr-p3.ladsp.com
creativecdn.com
cs.media.net
csync.loopme.me
d1z2jf7jlzjs58.cloudfront.net
dis.criteo.com
display.bidder.taboola.com
dmp.adblade.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
ead.oregonlive.com
eb2.3lift.com
ecollector-us-east.sophi.io
esp.rtbhouse.com
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.advance.net
geo.privacymanager.io
geolocation.onetrust.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
idx.liadm.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
imprchmp.taboola.com
inmobi-match.dotomi.com
inv-nets.admixer.net
invstatic101.creativecdn.com
ipac.ctnsnet.com
jadserve.postrelease.com
jp-u.openx.net
js-sec.indexww.com
js.matheranalytics.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
medianet-match.dotomi.com
micro.rubiconproject.com
ml314.com
news.google.com
oa.openxcdn.net
oajs.openx.net
optimized-by.rubiconproject.com
p.rfihub.com
p.skimresources.com
p1.parsely.com
pagead2.googlesyndication.com
pippio.com
pips.taboola.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.keywee.co
pixel.rubiconproject.com
pixel.tapad.com
play.google.com
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
privacy.crwdcntrl.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
r.skimresources.com
rp.liadm.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
s.skimresources.com
satisfycork.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.advance.net
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
t.co
t.skimresources.com
tag.targeting.unrulymedia.com
tags.bluekai.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
trx-hub.com
u.openx.net
uipapac.semasio.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vidanalytics.taboola.com
video-ads.rubiconproject.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.linkedin.com
www.oregonlive.com
www.redditstatic.com
x.bidswitch.net
z-na.associates-amazon.com
z.moatads.com
cdn.stickyadstv.com
display.bidder.taboola.com
exchange.postrelease.com
fastlane.rubiconproject.com
lexicon.33across.com
match.prod.bidr.io
vidanalytics.taboola.com
103.229.10.180
103.229.206.241
103.43.90.54
104.16.240.21
104.17.182.177
104.17.183.177
104.17.25.14
104.18.11.47
104.18.170.114
104.18.24.185
104.18.25.112
104.18.29.38
104.22.53.86
104.244.42.195
104.244.42.69
104.69.166.9
104.83.196.24
104.89.118.131
107.178.250.234
107.178.254.65
119.9.108.191
124.146.215.50
13.107.42.14
13.224.249.34
13.224.249.98
13.227.249.127
13.227.254.75
13.227.254.80
13.227.255.71
13.228.126.19
13.250.69.77
13.33.88.32
13.33.88.64
13.33.92.130
13.33.96.216
13.35.18.49
139.162.23.100
139.5.84.243
141.226.124.48
141.226.224.32
141.226.229.48
141.95.98.64
142.250.4.139
142.250.4.84
142.251.12.102
146.0.227.110
151.101.108.157
151.101.193.140
151.101.194.133
151.101.194.49
151.101.65.140
151.101.65.44
151.101.66.133
151.139.128.10
157.240.235.1
157.240.235.35
162.19.138.116
172.217.194.102
172.217.194.154
172.217.194.155
172.217.194.157
18.138.18.111
18.139.77.230
18.155.66.79
18.155.68.125
18.155.68.32
18.155.68.88
182.161.73.136
182.161.73.146
184.51.136.140
184.51.137.72
184.51.138.68
184.51.240.213
184.51.241.170
184.51.241.81
185.184.8.90
185.84.60.20
198.8.71.130
207.65.33.76
207.65.33.78
207.65.33.82
209.191.163.208
220.150.223.50
23.106.127.165
23.106.127.39
23.36.48.24
23.76.212.194
23.76.217.151
23.76.223.160
3.120.23.80
3.222.18.142
3.33.220.150
34.102.146.192
34.107.148.139
34.111.113.62
34.111.234.236
34.120.135.53
34.120.155.137
34.160.169.226
34.199.73.116
34.206.250.88
34.83.125.63
34.96.70.87
34.98.64.218
34.98.67.3
35.158.65.41
35.186.154.107
35.186.193.173
35.186.255.72
35.190.39.111
35.190.59.101
35.190.60.146
35.190.91.160
35.201.67.47
35.208.249.213
35.213.12.39
35.214.148.104
35.244.159.8
35.71.130.31
42.99.140.176
42.99.140.177
42.99.140.192
44.215.116.28
50.116.239.135
50.57.31.206
51.68.39.188
52.1.99.83
52.223.2.229
52.46.130.91
52.55.0.114
52.71.184.108
52.74.67.35
52.76.217.203
52.84.251.112
52.84.251.128
52.84.251.129
52.84.251.44
52.84.251.52
52.84.251.74
52.84.251.94
52.95.115.196
54.149.208.24
54.169.66.86
54.64.50.102
54.87.117.119
54.88.250.216
63.34.81.234
64.233.170.132
64.233.170.154
64.74.236.191
67.199.150.81
67.199.150.86
69.173.158.64
74.118.186.106
74.118.186.107
74.125.130.154
74.125.130.155
74.125.200.101
74.125.24.132
74.125.68.139
74.125.68.156
74.125.68.94
74.125.68.97
74.125.68.99
74.214.196.131
8.43.72.97
82.145.213.8
89.207.22.105
96.17.188.24
96.17.190.68
98.98.134.243
99.83.154.140
0043eab00893c94eda0188c1771212fa934b755f7d7e4a325d2085426084979b
01f15425e65ab41c7510bc5108cdd9c76928488fe6463e24e8b3f25e26f3dba3
01fd9c87ffa9fb58c3fb0467e6ec1f5a7ffbf5d7295c7b65d7279d15f2c8c1f5
025e3bee82d067a6dc7c93d3458425c3c64417ddf0937d16001be40ca9c70fdb
025e4422eb9dfd019608fd72ccbdfdfbb6212ad35b28d4754b6a0f83ce72ecd8
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
09df9a62d101d9c0b6db0515d7d5c66378e56135f9eec0759bafd4d8c9728d25
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a4ab1dd16d5540e47bf0f752df56a0b928bfa95d911e767db1c1a542f93b94a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0d998f38ddcf4b8763fabd1d755e9411f4bf19e90efbb2ab2ebb316ea3a40a2e
0ddd6223a4ba17c8fdae3468fd6ca65c9efc2a7967c8dc38b4af2323266cf94f
11af697c6177a3d3d7eb75bd52ce0d16b72abd39a3120414f03ec6aa480818dd
11f08bc0ed24c4b85ca08b55c13b3b3aa2ca53f67c6fd98041f05246380c0779
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
1688c3ca6b072079c18c4247337add064da97faee17a23ec3425bbe1efba5de4
17511c84143c0badb282351d6c240238f1963a73821c468f13bec5eba1711d3b
17e3b4c4f0092cffc0426f5e8dbf54a594ac2ae1a9c90e0bef2c8a900c06bb1a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19321dec5dedc43260a72c8d0e06619c6ae9b0ddea7620d355f6f37663da3ed8
19c592819d340656421a0ca296e9564cbfbcb69228f56cef708c529fc16217ad
1a35cf5e4b5ff09bf9fd0740b270d9ce23b8dfb79af554c7ae2e476d190ad8ba
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cedd7a6a65f327bfa7dfa176c5d4c63a9f27605ea5de2985fde5cd5a6e5d5c8
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1f552d1e06b3c5750ec6d77833864d18c63a360b482b5bb2b15712d37de2f9d7
220f8e3e669171faa9238f7c50ade4aac8ab931226f2d5b9a8290dc4f4572b42
22b95f2e160d8ec135358ce824808f0fe21b7f4dbc59ade7cc46bba981244990
241cc539efeafa635ba1a698f1da28ca0d8ea246fae233b30e27084cad155509
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b
267e3a2203571c2cc40b3ac7d7cc77dd00ef3673896af1244df949968280be42
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9
28c0e9315f065aa2c5e5be720a9f82a6857298b3cb087ab5ef21357a90536629
293375f65666d51bd1356489abafa609e5a47750829b0956ae23ea60a47a60b3
2ab287922952332e11c86964b99d9b82bab8f35f3ab95dd32f13be8e06618342
2cde01f5fc4501e4c4f2c58e784d5929a2572895e30ba2b6ae5d7cdcc21727e4
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2dee998e7045ad38a6895ce9f809d4dbbc5b8eb144e12af9f63db2d1cb4be43d
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30e382a9546c4b436b0568f463e7c3274696c3c59f7aa871af91a33a967f05c4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
322f142ce35a13ac012bf711dc8cbeaceb71ec8412210b78d35551400e901c33
344e8bfea508c8509165fc8c6db29afcdd520eb7923da25ea779ea8eca13a144
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36af4d6b8a43be75eed0817eb25ec5058491035a2f4f5d75099a42bd78f781c3
385a7f805b688c9ffe8b59f1e96d9dca64274e928538ddf9e302f96551288f54
38759ef6c32f7fc3c68248fea58e28b5a668a734717b0a7d18f96a0a1c5edb9a
38903147ff1e9dc2a0bbcaca21cf98dae4cb131964fe3e5f33fd04275736ce2f
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
3b2ce9e63a7f14001e6af32ad0d3b19b045b916cf8073180d25688e4b3f49e40
3bde72d856094eb6cdb54bd6cbf29d59beb9db4fdbdb71aa5aa117ac191c3729
3bec1012d3091b091867c9f622919256f69bcab4fb67256768fb8d9788796fe5
3c249668dec724dea6b993109ec75d09f5370a49616af3f625e752cf6cd280c7
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3e85b40ae2d4eab5be9eb53afdacfc84a9055c5f4bc7e5465a3e9eb156c55761
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4148184b349e7b92ef422b4df626288f7ac44b983d314c7abb554c2e33009656
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
4302184dc2fbb5a79ca1d4aff202b3765ca02b66a143330d9b8cda00e8373ad4
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44499c8739ee606153376700597887f6713fca2575fd495ae61b3a82199fbb59
456929f1221605ea8ed04cd419a22b4aa55a2bfae080cdd05c7153edbf30dbe4
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c6ea174abc24e9f56e4e0045b195f5613da652d7f07f9ff4cee808195407ff
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a248eb901ca3fd75fdecde541e943663591b4c373d9c085883430cd914b2a4b
4a7d32c035ab85e9ac6bb5771e94299170e2e48288c27238266fa7605abef34c
4db37df55d8f1152c4cc550d1696cfbf7923f4e608a621dc8550b7ebfca83095
4def2d299d9f9eede33180e33f85280a37054c22f3d8bf30d23a998a673939e0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
508da22ff3d9e76f83cb4dd8a6f5c5847ab04308db07e62e6cf08166aac39de4
526a1267222b3951287feaa4c98724477d2e76fa55ddef05605e8a58b2348f0c
52ca34fc9c273f71d2fcc93c8adda31b925f19d6cb87f64ab722d933ffdd5ccf
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
552132f88cda8929d4deb1a1ed94c5c6925bf0ed4ec4d415be468a9b0fa17d29
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c81a7b937e08efd7a2e132ddd1fa10c4bb58dcb007f4fe2057ced072b4565e9
5c9dd509a6429abe870804c9489b70278a3534ef1ba4de22df3c477185ab8cb1
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f05b942929ab03b8d85d83edf23bdd24aa08525250ac258ab7d336a59a7c218
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6066054d8669e8ca3c9a1ca53af6b3e80dba9361b59f023c82d7b55542b36fb0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6208aa8234effa94de37dda48574079a60783ea01992b2a27b97f14ee8bed3ac
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
62c7189df0974cf0f7bf3d4d02c2d6524639299a7e6a09af250b23004b8f7eef
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
66028c1458cf7bcb617906fe419b0d01681c847f1db3161974e1ff5f0564bb46
6628b3a60520f7ec8056077154ef2054a337a4e041870018fbfbb2db315c3643
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66fd57ba72d90085943ad028bb0a99da56ab6daba1a9030929e9504dc8ec12b7
67b40be10ffac90397c104e864d8a6ea43a9f59a441e0576fbf2b16edeea045e
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ad04d031b0adba5cdcdc39cfef05f9354e5338fc5f11bfc9e5d1fa1cca41165
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b87f5f5372a30b741f7f44fff4b0f7743fc948ba7ac1ff8c79dd7f766f18a91
6cc55bf38b57597421b687481531ca4ce960a990f0f2e238635917b0b6420ec1
6dac963ce4b6ea77a29e061f58a5e72b6e16d651dba939be7c3db8761d1fc588
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
6ff6cf159d19b9bbe64d44941f6f49ef7fa23656d723acac0eb88070e810d5e4
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
70c0b487552a9a2ea102ed22ae505177c567320390f5136bcef5dd56d48d4f02
71383f87532f79ffe7e588d036b02b521f8a6aabcfd55112bbd9e57a817ec48e
71677a8f1b88554661c2f0a5c7ab260c86e846af1b29c2556d54306f56502c23
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
71d07479f4b2b809e5769a352f4f55b84690289026ace7ed5395230002551a11
735dee2b2dfd8f5f809fddc1a5319d4bff8686e2661638d2da319d693732bc24
783dd38b44818150ed3d1bac0f1ebff6e6ad671834ad1e4005705ad05a5b7c50
789228062659fc3c5412265a5a836b6c4d79b2ccde24f14952bc7409a267938b
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a0abeb2041ae8220bd3d9bc68112383f9a03ab13379db7700834ab98d96e2d9
7a59bc58f3abfde16caeba6a66571f474a48a4e6b70f4f78fb4e2ec77cbc33b4
7a7ef17f65809541b5bad510a5e5c9f420db4e0c85c6a7a5a71e12548cd613e2
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
7affa24bb93ebbf4c5ede18554378aac1d3483793bf4820887e8b67a8564cac6
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
7e4c31f162892bc4786ca720fd465e5006849710cbef9e2d2aa41bd44d70c472
7e8e0dd52fdad574552c3e7f492becb949de12a2936ddae55844807b3e80e90d
7eee9e000aaabdab2fc4d8b5d7ed31a4253269f090b7be4dca7b3cb0398f2b63
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
81d96c2c7c2e932a708503820d985a2cec124fb641787b758321ffae78359ce8
81f033d5ee2c8d5d5933e4ad5ef80dbfc94e84fc10c50ee249409d123d27090c
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
822f125136158e6ef24c9a40e7f1fadeba25134851f886e64cd3b6b1abb5dcdf
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837542c6b69f567cd30739d8999c27f9baada489ea0b869ee8c08c3803a6209f
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
8528e02fda02ad87cc57314ab89b129461491c72d6bd420b203a682e77d16508
86f4b6a06dff4c2a7c1b01df3818d7aad96bfdbe119f51b154b17b429fd9e0c9
87508a160ad090c4ed36da45d17e48081fae6ee2322896211021cbea380eff93
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3
8da6cd8ebb2600b722aa58f0c47d111b68c2434f69fa30f686fad807a4734cb8
8dbcfe068ad41e21ad7d62745c57ac57c8b7b8caea4ae34ba1ecf9f69baa983e
903ee23b93448e89e41f40bf1ebee58df051d8efb5357f9c2464f51a00be88a3
924e4b297681729162fa238a756db89acf5a1dc0cd23c1204c9a4e4407493822
9398edfa28dac0c90cea66920419165ae96516c589301ef44a09bcf955daf10f
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
959568437a1894bc414600b65e4a3e7f5971e3b5768f8b589650ae99caf8e658
95d826b95c5c75cd83c684dc0fc903cb46275baf257d3821a9349939820a4370
95fcbcaba1f4023d3aea0e4be65673dcd6ee4487cad14b4478e75f29395ab921
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
98036df49f6a65b8ef0e50a001670d30ded9001cb6065ce39597dfd9bc9719f8
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98c4cca1205b8a44c4680d22d824c9f004ac1bd61ebfbc1d1ca9dde5e196b964
98c69a3ac88cafb2ca315cfd4e63d9469304247d1c685471f0ad8d8c93004dd4
995bdec44ae607147a98afd2ac56e83666b266d7db6fffe9c11a18473c9fc9c1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99cb275d093bb93c11e635851806ba83ef96f076ab4845fb0355dd475b05d2c1
99f0ad92fcdab1d2820c5e230e10d85252191371102b0d6e50d36ed300d3aaaf
9a2fec935a49dc9b8c69a9867c1762ef4e5d56b52e52b62c70a1fd09b9e67a1d
9a36f13f90ae793f02dc53361f1ed74d0f650daf39db37077bcb5eadd9d1871a
9b230ec1c2023e587cb759104d9173050e4d35fade4afb59993bff57cba41a6e
9c1a3cf6c5fae33a0a2b627a9785b585148970346adbbcc204a4519d05f9a089
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24
9c7e1a4a30f544ac8e5d083f9b9e56d1622186b246bb92bc00d05f0440fc2e47
9d502c34537154b36a83ce2118728102928b1fefc504781787c7d7ce4e6e04eb
9dc153af8e590cd9335969119d0584ff72d6a7536a6ca4966589c37314dc2d54
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
9ed6388d56fc9f2044791e0559ab4a283381791e359dc2981449955e702de56d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c439ee8ceda8ae40446e35eacce09e18f1acf2a09c6252bf93963ddae99253
a108a097da0f3e4c055bc99083a70eed104a8eebad12f65f0464c08c314a5f78
a1b7d071e72234d7479182d42e905ce27a8d372a4961d2f402974d4f58da7e81
a49a954fe04fadea42f0b26580f50540681708f79467b95e7112957283a76d12
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a5878621832cf32209ecdacfda8d63767e4badffacc1903afc06f76a4d1141c5
a5ec5adf72c74f642a5177202ef1d351e246230382245ad88825430e6b20cedd
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a69bd03902a192069b0da5ab6dfa0716ae471768a27169daeca4d4862d15070e
a6af62ed047986e026099c3a3ba5135a44e07b3f4f5b84fc4a1ba62ee8b3daed
a87ef79face3a1a1e6562ef5e6c1c180aa81d286778b8b64b668bb7562aabb7f
a93dedd108ae410c46fc75f617609e111581aa7f90720c27ceb5206313758adc
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
aa56a655b6cb77a3c0035819033d02970bba3770850f506e8d61163098ab63a0
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae4e52f4c497bbc27536b4231a0536cec084aa99d8416184978a8ed6e009d04d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b3aa13b4625e73e1443b06c7c203c44c6481d4b663e599f61f2e7edcaab4e178
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b4893d8c39500f7135b6a34250844d957452ff63d7cf6fbbd6f3afa858b6454e
b5ce50f9a3f94ce9b73fa9a01dc76f2ec8a2ac9c5d4dbaa50db0bcf6fdf21311
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
b9af43d6ace43da63cb76a61b1a0f1c3c00c779fd5b0c98d64e974a45d7d9ef5
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d
b9f7230a2e07d0f3bcae9b22155a91cb0323bb0dc646d8b6b52a147aead1956c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
bc5e1ee4f91ea77550405f603f1031ee4d94d7b37507716478c45275be2696ca
bd2009edb077da99506f61f25109dfd7bfc6eb763059554fdbd90a8f37185a67
beee485eb4cd26ff40efb272d8899ea615a5eaa57f86201a7545c73d75a12eee
c002b1b4f4aacc0c7e2bf806a9efa9263fb5f34826500f0ffb0417238cc7cceb
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c13e730af67227371b6b25dbbb6a6f8f1ea677a98e54d4e09ca1486a7d5417a2
c1c2bd2ed95c1ebd589622dbefa12e70745c9cf41e360af9a1549b852b9af297
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
c364549868409832a77c42223b49a727ec7e8076ff64089043dc1fed0d5ade1d
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c6dc0f5dee2a67da2df69cadfd63e71250d0112515dc45213917f6ae66293b25
c93f5ea04ed8fed4aaccc962902a3b6b17b68aa591b65c590cc69c6ca48a8a30
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbea665491448a9bf4ddfe678460ac9ff9773ce5cf9f5b71b2f49e72bf5cfdff
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ce535d31146840e941ece690cc900e63d75ab73c199cfde4702c413b73f0528c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1e32ebab2bdf5ce44bbafbc57e6788f5eb0c9ae6b0d499f5038bfa8147a3c51
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d2b28582d25b3aa38daf12c501c7abc9297ae74d035ee343941f0938adec0524
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d33a0d6891aa41d5f9a32d71c5a6ced8a0b817a87ebcfc2c6a37223943bbe2b0
d38e29f69d23c1d50902b89f59c7b777384181f832b1540af2b6482dd79506d7
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d715b43b2045948f59205ca65b3b6db3e7932a81e88ce0888ec932a5acdae88b
d7a16f294e5c32a2cdeaf6f0964f9029492356bebff4765f5fec6d03781b06a0
d86ce55edee7f570d7fc315f84814e3b1171edef20e3778e10066727092638b9
d916a11c273edc69e2cc3c965ab77bbb3a38144b7e1c32932d30cb438bf0d494
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
daeb21ce50aef0be3424a0b4be2873711521508279e8491676358ee2649136ac
dc92c8999198a51265f009ec6da651581b61a33dcae9f42848c9ce659b6077bd
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df8bf825164bb07b91944cb7cc43bed270db91137b1124dd10d4a348ff7a493f
e102f8fcda630190f1eaccad78339089dbdc4de850ac6bca7bd057db23d36e94
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e233e12cbd403cd9d72fc958ead1c350d343605eaec4d350df6f6faac7d66432
e2dbdbfc9ef1ab5a177115fa45531f6229974e37ae5ec6562dc7a8d0208bee62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ed7e4e5f2f685a1357978a36fa8c08d093af6d741757d0e419cc7c553c8668
e4341ccc70b48e406963707f813f3d598e971029a27356fb0c5f55c3941f0bb9
e5e976e53158e2882bfa3426551172686fa8766efbf520a8a77e8ddcc0b5545c
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e8a4bb6fa3f1e6e95bd0d99442548109c7c30937d9736d43e962cecdcf2989ea
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
eda9564c974e50e218b053250d32a0e164218ed2a8b4a17082e864c69de47802
eed05ab2b5a792fc8baf2c20ba0430528960cad9a7e9750f90d128b6a34b791c
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d55e75b04456881144fc6cbad4d12a2c7e2f0e80b06124cc3a6abfd3b6bcb
ef6386f36977a990405917efa18f589568421f4164e020942c79e3346f374b43
ef990e970b20d0ee4d4b4496db200868a93c9f03470805ce14fd159a1385aec1
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f1b8adc02a4d09389f6e34a2bffe3d025063a96cacde18c17e5367053276ff53
f257334231a3307b249e7320fac08e8986be227e22333212e7da5933bcf0bb4e
f2c0130a89d182d2b3f58e2a78f58b5af092f542dd884b3db3539ceba7f6c5b7
f313f3a98f38bc782dd5236c21ec84304979077d76b1ff13a4fd87af20199ce5
f4dbc2eae03ca4226fc3d257599eefc3b4867a581725ae4e1d7845a11f784786
f4dc6984751d8119c3e1f269a2e135838c9b4a56f3fd77bb9e8a6805ab0bf817
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6e49c08a216275180a3a9599b0a2dad341ce94fc6a7209a134bca201f3922a8
f8051f3eb7b146bdfd1156266a2947c7361e2d9546fa39f4c86cc06d869cd877
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb96947492772b410ca9f76eca5676993ff2106479b70b2b8ab2342035d59cc7
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff048888d2deed4fd6b3bb53479d76447f4c7ba23295c9f9d40b095741f3fc2b