urlscan.io logo urlscan.io
SecurityTrails logo

nypost.com Open in urlscan Pro
192.0.66.32  Public Scan

Go To Rescan Add Verdict Report
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Submission: On August 14 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 236 IPs in 12 countries across 213 domains to perform 1320 HTTP transactions. The main IP is 192.0.66.32, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is nypost.com. The Cisco Umbrella rank of the primary domain is 9522.
TLS certificate: Issued by R3 on July 22nd 2023. Valid for: 3 months.
This is the only time nypost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
97 192.0.66.32 2635 (AUTOMATTIC)
10 2606:4700::68... 13335 (CLOUDFLAR...)
8 108.139.29.97 16509 (AMAZON-02)
3 9 13.225.63.36 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.35.93.126 16509 (AMAZON-02)
2 44.197.65.5 14618 (AMAZON-AES)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 151.101.66.217 54113 (FASTLY)
3 2600:1901:0:7... 15169 (GOOGLE)
3 2600:9000:26f... ()
2 13.35.93.5 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.131.120 16509 (AMAZON-02)
3 6 2600:9000:21d... 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
1 142.250.80.66 15169 (GOOGLE)
1 192.0.66.184 2635 (AUTOMATTIC)
8 2607:f8b0:400... 15169 (GOOGLE)
2 11 184.24.36.23 16625 (AKAMAI-AS)
4 108.138.128.91 16509 (AMAZON-02)
31 18.173.219.66 ()
2 18.164.116.114 16509 (AMAZON-02)
1 13.225.223.23 16509 (AMAZON-02)
3 6 18.164.96.43 16509 (AMAZON-02)
2 151.139.128.10 20446 (STACKPATH...)
17 2a04:4e42::626 54113 (FASTLY)
15 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.101.60 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:23c... 16509 (AMAZON-02)
3 130.211.23.194 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 142.251.40.166 15169 (GOOGLE)
2 2600:9000:23c... 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 152.199.5.228 15133 (EDGECAST)
2 2607:f8b0:400... 15169 (GOOGLE)
1 54.144.144.142 14618 (AMAZON-AES)
8 2607:f8b0:400... 15169 (GOOGLE)
3 108.138.107.138 16509 (AMAZON-02)
1 34.120.253.250 396982 (GOOGLE-CL...)
1 108.139.29.120 16509 (AMAZON-02)
1 54.165.119.46 14618 (AMAZON-AES)
27 23.220.189.76 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 54.230.163.92 16509 (AMAZON-02)
14 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 54.210.73.124 14618 (AMAZON-AES)
2 52.205.55.225 14618 (AMAZON-AES)
1 34.110.220.19 396982 (GOOGLE-CL...)
3 34.107.148.139 396982 (GOOGLE-CL...)
1 13.226.34.38 16509 (AMAZON-02)
3 13.225.63.91 16509 (AMAZON-02)
2 13.225.63.10 16509 (AMAZON-02)
2 34.102.180.215 396982 (GOOGLE-CL...)
21 18.164.96.22 16509 (AMAZON-02)
2 199.127.204.162 26120 (RHYTHMONE)
21 31 68.67.160.132 29990 (ASN-APPNEX)
3 35.207.44.74 15169 (GOOGLE)
9 69.173.151.96 26667 (RUBICONPR...)
3 104.18.24.185 13335 (CLOUDFLAR...)
4 54.84.197.253 14618 (AMAZON-AES)
7 108.139.54.32 16509 (AMAZON-02)
7 34.98.72.95 396982 (GOOGLE-CL...)
2 18.164.96.8 16509 (AMAZON-02)
3 35.201.67.47 396982 (GOOGLE-CL...)
2 35.190.91.160 15169 (GOOGLE)
6 2600:1402:b80... 20940 (AKAMAI-ASN1)
1 199.127.206.102 26120 (RHYTHMONE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 44.213.233.180 14618 (AMAZON-AES)
1 35.241.9.51 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
2 22 52.46.151.131 16509 (AMAZON-02)
2 35.172.4.172 14618 (AMAZON-AES)
4 146.75.30.132 54113 (FASTLY)
1 104.19.150.54 13335 (CLOUDFLAR...)
9 34.107.254.252 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
7 44.206.193.111 14618 (AMAZON-AES)
1 2600:9000:251... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 108.138.128.34 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2a04:4e42:200... 54113 (FASTLY)
3 2620:100:a001::4 19750 (AS-CRITEO)
1 104.18.25.112 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
34 2607:f8b0:400... 15169 (GOOGLE)
4 8 23.23.70.212 14618 (AMAZON-AES)
1 2600:9000:23c... 16509 (AMAZON-02)
2 34.120.117.212 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
21 52.22.181.173 14618 (AMAZON-AES)
5 2602:803:c002... 26667 (RUBICONPR...)
7 104.18.6.50 13335 (CLOUDFLAR...)
5 3.92.156.8 14618 (AMAZON-AES)
3 2620:100:a001... 19750 (AS-CRITEO)
1 54.175.87.143 14618 (AMAZON-AES)
2 199.250.161.129 26459 (TTD-ASN-01)
6 42 64.202.112.255 23352 (SERVERCEN...)
16 184.24.37.207 16625 (AKAMAI-AS)
3 50.17.205.49 14618 (AMAZON-AES)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
4 6 162.19.138.120 16276 (OVH)
1 34.149.2.25 15169 (GOOGLE)
1 35.244.216.63 15169 (GOOGLE)
1 35.227.254.22 15169 (GOOGLE)
1 35.190.39.111 15169 (GOOGLE)
1 3 2620:100:a001::c 19750 (AS-CRITEO)
2 2 108.138.106.17 16509 (AMAZON-02)
6 6 199.38.167.130 54312 (ROCKETFUEL)
2 3 107.178.254.65 15169 (GOOGLE)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
7 7 74.119.119.150 19750 (AS-CRITEO)
2 2600:1f18:ed:... 14618 (AMAZON-AES)
21 22 15.197.193.217 16509 (AMAZON-02)
22 25 35.211.178.172 15169 (GOOGLE)
2 3 216.200.232.249 30419 (MEDIAMATH...)
14 14 50.31.142.95 23352 (SERVERCEN...)
8 9 104.126.112.185 16625 (AKAMAI-AS)
2 54.236.116.166 14618 (AMAZON-AES)
1 5 34.205.126.51 14618 (AMAZON-AES)
8 11 69.173.151.100 26667 (RUBICONPR...)
5 9 35.190.60.146 15169 (GOOGLE)
1 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 44.195.135.11 14618 (AMAZON-AES)
1 104.126.116.66 20940 (AKAMAI-ASN1)
2 3.220.99.217 14618 (AMAZON-AES)
2 108.138.106.37 16509 (AMAZON-02)
5 5 35.207.24.140 15169 (GOOGLE)
26 39 142.251.41.2 15169 (GOOGLE)
4 5 69.166.1.34 27630 (AS-XFERNET)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
1 2 52.55.144.0 14618 (AMAZON-AES)
5 5 185.184.8.90 204995 (RTB-HOUSE...)
8 8 8.43.72.98 26667 (RUBICONPR...)
2 3 52.0.156.250 14618 (AMAZON-AES)
8 49 192.40.39.223 27381 (CASALE-MEDIA)
15 31 162.248.18.32 62713 (AS-PUBMATIC)
4 11 2600:1f18:4e9... 14618 (AMAZON-AES)
8 18 34.98.64.218 396982 (GOOGLE-CL...)
12 13 34.200.65.202 14618 (AMAZON-AES)
6 6 44.212.249.199 14618 (AMAZON-AES)
2 2 2600:9000:251... 16509 (AMAZON-02)
6 8 216.22.16.5 30633 (LEASEWEB-...)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
7 7 207.198.113.204 13768 (COGECO-PEER1)
3 3 2620:116:800b... 14618 (AMAZON-AES)
9 12 198.148.27.131 19189 (PULSEPOINT)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2600:1402:b80... 20940 (AKAMAI-ASN1)
9 13 18.214.20.208 14618 (AMAZON-AES)
12 23.220.188.195 16625 (AKAMAI-AS)
6 13.225.214.57 16509 (AMAZON-02)
27 104.126.114.69 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
2 25 52.207.45.55 14618 (AMAZON-AES)
4 6 54.198.143.1 14618 (AMAZON-AES)
3 3 52.207.126.75 14618 (AMAZON-AES)
6 6 2603:c020:400... 31898 (ORACLE-BM...)
2 3 169.197.150.7 398989 (DEEPINTENT)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 108.138.128.37 16509 (AMAZON-02)
1 74.119.119.139 19750 (AS-CRITEO)
4 4 151.101.66.49 54113 (FASTLY)
3 3 124.146.215.52 2514 (INFOSPHER...)
9 33 35.71.139.29 16509 (AMAZON-02)
3 80.77.87.166 46636 (NATCOWEB)
13 13 72.247.65.83 16625 (AKAMAI-AS)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
4 10 63.251.28.233 26558 (FREEWHEEL)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 2 52.201.180.243 14618 (AMAZON-AES)
14 14 2606:ae80:145... 25751 (VALUECLICK)
24 28 199.127.204.171 26120 (RHYTHMONE)
2 13 104.36.115.113 62713 (AS-PUBMATIC)
12 12 2620:112:f002... 6336 (TURN-US-ASN)
2 34.233.157.77 14618 (AMAZON-AES)
4 5 185.167.164.43 198622 (ADFORM)
2 8 23.105.12.137 30633 (LEASEWEB-...)
13 13 52.3.206.23 14618 (AMAZON-AES)
5 2607:f8b0:400... 15169 (GOOGLE)
3 5 34.111.113.62 396982 (GOOGLE-CL...)
1 40.76.134.238 8075 (MICROSOFT...)
10 14 8.28.7.83 62713 (AS-PUBMATIC)
7 10 8.28.7.84 62713 (AS-PUBMATIC)
4 4 35.236.220.17 396982 (GOOGLE-CL...)
17 26 162.248.18.37 62713 (AS-PUBMATIC)
2 23.220.188.182 16625 (AKAMAI-AS)
1 18.164.116.122 16509 (AMAZON-02)
2 104.18.10.47 13335 (CLOUDFLAR...)
12 104.126.112.26 16625 (AKAMAI-AS)
1 1 54.85.70.234 14618 (AMAZON-AES)
1 52.95.126.160 16509 (AMAZON-02)
2 2 35.211.233.246 19527 (GOOGLE-2)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 18.164.124.41 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 23.227.139.243 55081 (24SHELLS)
1 34.107.140.17 396982 (GOOGLE-CL...)
1 34.107.191.194 396982 (GOOGLE-CL...)
12 12 67.202.105.23 32748 (STEADFAST)
1 2 67.202.105.32 32748 (STEADFAST)
1 67.202.105.34 32748 (STEADFAST)
2 54.230.163.10 16509 (AMAZON-02)
1 54.88.169.209 14618 (AMAZON-AES)
8 51.222.39.185 16276 (OVH)
1 2600:9000:21d... 16509 (AMAZON-02)
3 174.137.133.32 27257 (WEBAIR-IN...)
20 35.169.215.20 14618 (AMAZON-AES)
2 2 50.17.85.25 14618 (AMAZON-AES)
6 6 23.92.190.69 10913 (INTERNAP-BLK)
6 11 147.28.129.37 54825 (PACKET)
1 1 37.157.2.234 198622 (ADFORM)
5 5 52.4.169.33 14618 (AMAZON-AES)
2 2 8.2.110.24 46636 (NATCOWEB)
2 3 54.156.202.94 14618 (AMAZON-AES)
4 4 52.23.49.153 14618 (AMAZON-AES)
4 4 52.206.103.177 14618 (AMAZON-AES)
1 34.199.73.116 14618 (AMAZON-AES)
12 2607:f8b0:400... 15169 (GOOGLE)
5 32 104.18.1.32 13335 (CLOUDFLAR...)
1 1 192.132.33.46 18568 (BIDTELLECT)
3 3 141.226.224.48 200478 (TABOOLA-AS)
3 3 52.22.194.176 14618 (AMAZON-AES)
5 5 35.214.225.72 15169 (GOOGLE)
22 34.194.30.69 14618 (AMAZON-AES)
2 2 35.190.90.30 15169 (GOOGLE)
3 3 96.46.186.57 7979 (SERVERS-COM)
2 2 8.2.110.134 46636 (NATCOWEB)
1 1 195.244.31.10 63140 (IGUANA-WO...)
10 2600:9000:251... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 2600:9000:251... 16509 (AMAZON-02)
10 45.133.44.3 39572 (ADVANCEDH...)
2 104.18.11.47 13335 (CLOUDFLAR...)
2 2 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 35.208.249.213 15169 (GOOGLE)
6 34.117.239.71 396982 (GOOGLE-CL...)
1 2 34.149.254.212 396982 (GOOGLE-CL...)
1 34.149.130.207 15169 (GOOGLE)
1 34.111.8.32 396982 (GOOGLE-CL...)
1 15 172.98.26.245 399668 (E-PLANNING-)
10 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 207.198.113.205 13768 (COGECO-PEER1)
2 172.98.26.241 399668 (E-PLANNING-)
1 1 35.227.252.103 15169 (GOOGLE)
1 1 3.223.58.25 14618 (AMAZON-AES)
2 64.225.0.15 14061 (DIGITALOC...)
1 205.234.175.175 23352 (SERVERCEN...)
2 3.215.50.168 14618 (AMAZON-AES)
1 2 23.205.56.163 16625 (AKAMAI-AS)
1 2 2600:1f18:612... 14618 (AMAZON-AES)
2 3.94.23.46 14618 (AMAZON-AES)
1 2600:1f18:61c... 14618 (AMAZON-AES)
8 142.251.35.162 15169 (GOOGLE)
1 3 35.186.193.173 15169 (GOOGLE)
1 1 172.240.219.212 7979 (SERVERS-COM)
2 2 54.204.170.28 14618 (AMAZON-AES)
1 1 143.244.222.249 14061 (DIGITALOC...)
1 2 54.225.185.242 14618 (AMAZON-AES)
1 54.229.167.103 16509 (AMAZON-02)
1 2 38.68.201.140 174 (COGENT-174)
2 2607:f8b0:400... 15169 (GOOGLE)
2 104.18.0.32 13335 (CLOUDFLAR...)
1 3.232.39.216 14618 (AMAZON-AES)
1 1 173.231.178.115 32475 (SINGLEHOP...)
1 2 23.23.38.193 14618 (AMAZON-AES)
1 52.201.165.221 14618 (AMAZON-AES)
2 45.133.44.4 39572 (ADVANCEDH...)
2 2 34.102.163.6 396982 (GOOGLE-CL...)
2 2 69.90.254.78 13768 (COGECO-PEER1)
2 2 82.145.213.8 39832 (NO-OPERA)
2 2 172.104.121.22 63949 (AKAMAI-LI...)
2 2 20.85.134.6 8075 (MICROSOFT...)
2 23.88.86.2 24940 (HETZNER-AS)
2 195.5.165.20 44968 (IPROM-AS)
3 3 23.76.43.24 16625 (AKAMAI-AS)
2 3.216.187.16 14618 (AMAZON-AES)
2 4 54.158.247.65 14618 (AMAZON-AES)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 18.206.138.177 14618 (AMAZON-AES)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 68.67.160.184 29990 (ASN-APPNEX)
7 18.208.125.34 14618 (AMAZON-AES)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 54.204.231.42 14618 (AMAZON-AES)
4 2620:100:a001... 19750 (AS-CRITEO)
1320 236
97    192.0.66.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
nypost.com
pagesix.com
10    2606:4700::6812:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
8    108.139.29.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-97.jfk50.r.cloudfront.net
zephr-v4.nypost.com
9    13.225.63.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-36.ewr53.r.cloudfront.net
us.tags.newscgp.com
tags.realtor.com
tags.mansionglobal.com
tags.penews.com
tags.nypost.com
1    2606:4700:20::ac43:4acf (United States)

ASN13335 (CLOUDFLARENET, US)
nypost-com.videoplayerhub.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    13.35.93.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-126.jfk50.r.cloudfront.net
ak.sail-horizon.com
2    44.197.65.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-65-5.compute-1.amazonaws.com
platform.datazoom.io
2    2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
9    2600:141b:13::17d7:8252 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
p.typekit.net
2    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
3    2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rebelhen.com
3    2600:9000:26fa:de00:e:5a70:ca40:93a1 (United States)

ASN- ()
cdn.flipboard.com
2    13.35.93.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-5.jfk50.r.cloudfront.net
launcher.spot.im
3    2607:f8b0:4006:820::2008 (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.164.131.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-131-120.jfk50.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
6    2600:9000:21da:7600:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    142.250.80.66 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
www.googleadservices.com
1    192.0.66.184 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
decider.com
8    2607:f8b0:4006:80f::2004 (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.google.com
11    184.24.36.23 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-36-23.deploy.static.akamaitechnologies.com
warp.media.net
cs.media.net
hbx.media.net
hblg.media.net
c21lg-d.media.net
4    108.138.128.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-91.jfk50.r.cloudfront.net
direct-events-collector.spot.im
pix.spot.im
31    18.173.219.66 (United States)

ASN- ()
PTR: server-18-173-219-66.jfk52.r.cloudfront.net
static-cdn.spot.im
2    18.164.116.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-114.jfk50.r.cloudfront.net
publisher-assets.spot.im
1    13.225.223.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-23.jfk51.r.cloudfront.net
open-api.spot.im
6    18.164.96.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-43.jfk50.r.cloudfront.net
sb.scorecardresearch.com
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.watchingthat.net
s.skimresources.com
17    2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
assets-jpcust.jwpsrv.com
prd.jwpltx.com
ping-meta-prd.jwpltx.com
15    2607:f8b0:4006:80e::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    18.164.101.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-101-60.jfk50.r.cloudfront.net
cdn.parsely.com
1    2607:f8b0:4006:81d::2010 (Stony Point, United States)

ASN15169 (GOOGLE, US)
storage.googleapis.com
4    2607:f8b0:4006:821::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2600:9000:23ca:400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
3    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
4    142.251.40.166 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f6.1e100.net
ad.doubleclick.net
s0.2mdn.net
2    2600:9000:23cb:a000:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
1    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    152.199.5.228 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2607:f8b0:4006:81c::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
8    2607:f8b0:4006:822::200e (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
1    108.139.29.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-120.jfk50.r.cloudfront.net
cdn.p-n.io
1    54.165.119.46 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-119-46.compute-1.amazonaws.com
segment-data.zqtk.net
27    23.220.189.76 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-189-76.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
libs.outbrain.com
amplify.outbrain.com
wave.outbrain.com
1    2606:4700::6812:1a98 (United States)

ASN13335 (CLOUDFLARENET, US)
0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
13    54.230.163.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-92.ewr53.r.cloudfront.net
tagan.adlightning.com
14    2607:f8b0:4006:80d::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700::6812:184e (United States)

ASN13335 (CLOUDFLARENET, US)
video.unrulymedia.com
2    54.210.73.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-73-124.compute-1.amazonaws.com
www.zergnet.com
2    52.205.55.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-55-225.compute-1.amazonaws.com
broker.datazoom.io
1    34.110.220.19 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 19.220.110.34.bc.googleusercontent.com
sac.nypost.com
3    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    13.226.34.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-38.ewr53.r.cloudfront.net
www.ncaudienceexchange.com
3    13.225.63.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-91.ewr53.r.cloudfront.net
tags.barrons.com
tags.marketwatch.com
tags.wsj.com
2    13.225.63.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-10.ewr53.r.cloudfront.net
tags.decider.com
tags.pagesix.com
2    34.102.180.215 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 215.180.102.34.bc.googleusercontent.com
v2.pixel.newscgp.com
21    18.164.96.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-22.jfk50.r.cloudfront.net
api-2-0.spot.im
2    199.127.204.162 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
31    68.67.160.132 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    35.207.44.74 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 74.44.207.35.bc.googleusercontent.com
grid.bidswitch.net
9    69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
pg-prebid-server.rubiconproject.com
3    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
4    54.84.197.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-197-253.compute-1.amazonaws.com
tlx.3lift.com
7    108.139.54.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-54-32.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
7    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
2    18.164.96.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-8.jfk50.r.cloudfront.net
t.nypost.com
3    35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
6    2600:1402:b800:78d::2c79 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
1    199.127.206.102 (United States)

ASN26120 (RHYTHMONE, US)
aniview-diag-server.1rx.io
1    2607:f8b0:4006:81e::200e (Stony Point, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    2600:1f18:730:b150:499a:567e:57a7:91ad (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    44.213.233.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-233-180.compute-1.amazonaws.com
rp4.liadm.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
22    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    35.172.4.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-4-172.compute-1.amazonaws.com
api.nypdev.com
4    146.75.30.132 (Ashburn, United States)

ASN54113 (FASTLY, US)
mv.outbrain.com
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
9    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
2    2607:f8b0:4006:81c::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    44.206.193.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-193-111.compute-1.amazonaws.com
track1.aniview.com
1    2600:9000:2511:3800:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    108.138.128.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-34.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    104.18.25.112 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
34    2607:f8b0:4006:81d::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    23.23.70.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-70-212.compute-1.amazonaws.com
i.liadm.com
1    2600:9000:23ca:fe00:9:41bd:8d00:93a1 (United States)

ASN16509 (AMAZON-02, US)
sli.nypost.com
2    34.120.117.212 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 212.117.120.34.bc.googleusercontent.com
ls.skimresources.com
1    2607:f8b0:4006:820::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
21    52.22.181.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-181-173.compute-1.amazonaws.com
ads.servenobid.com
5    2602:803:c002:200::43 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
7    104.18.6.50 (None, )

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
5    3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
3    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    54.175.87.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-143.compute-1.amazonaws.com
krk.kargo.com
2    199.250.161.129 (United States)

ASN26459 (TTD-ASN-01, US)
direct.adsrvr.org
42    64.202.112.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
sync.outbrain.com
eventlog.outbrain.com
tr.outbrain.com
16    184.24.37.207 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-37-207.deploy.static.akamaitechnologies.com
images.outbrainimg.com
3    50.17.205.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-205-49.compute-1.amazonaws.com
us.q2s15.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
6    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
1    34.149.2.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.2.149.34.bc.googleusercontent.com
data.cdnbasket.net
1    35.244.216.63 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 63.216.244.35.bc.googleusercontent.com
page.cdnbasket.net
1    35.227.254.22 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 22.254.227.35.bc.googleusercontent.com
view.cdnbasket.net
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
3    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    108.138.106.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-17.jfk50.r.cloudfront.net
live.rezync.com
6    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
7    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    2600:1f18:ed:550a:fdb3:b355:1994:e0eb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
22    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
25    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
14    50.31.142.95 (Plainfield, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
9    104.126.112.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com
stags.bluekai.com
x.dlx.addthis.com
2    54.236.116.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-116-166.compute-1.amazonaws.com
rtb.gumgum.com
5    34.205.126.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-126-51.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
11    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
9    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    44.195.135.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-135-11.compute-1.amazonaws.com
dpm.demdex.net
1    104.126.116.66 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-116-66.deploy.static.akamaitechnologies.com
sync-jp.im-apps.net
2    3.220.99.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-99-217.compute-1.amazonaws.com
beacon.krxd.net
2    108.138.106.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-37.jfk50.r.cloudfront.net
aa.agkn.com
5    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
39    142.251.41.2 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
cm.g.doubleclick.net
5    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    52.55.144.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-144-0.compute-1.amazonaws.com
ps.eyeota.net
5    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
8    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadus.exelator.com
49    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
r.casalemedia.com
31    162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
11    2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
18    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
google-bidout-d.openx.net
13    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
6    44.212.249.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-249-199.compute-1.amazonaws.com
ice.360yield.com
ad.360yield.com
2    2600:9000:2511:3a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
8    216.22.16.5 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
7    207.198.113.204 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    2620:116:800b:21:4cb8:1820:80ca:50f7 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
12    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    2606:4700:3035::ac43:bfac (United States)

ASN13335 (CLOUDFLARENET, US)
cm.rtbsystem.com
1    2600:1402:b800:38::1701:2198 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
tg1.unrulyvideo.com
13    18.214.20.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-20-208.compute-1.amazonaws.com
match.sharethrough.com
12    23.220.188.195 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-188-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    13.225.214.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-57.ewr50.r.cloudfront.net
ms-cookie-sync.presage.io
27    104.126.114.69 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-114-69.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2607:f8b0:4006:80b::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
25    52.207.45.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-45-55.compute-1.amazonaws.com
usersync.gumgum.com
6    54.198.143.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-143-1.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    52.207.126.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-126-75.compute-1.amazonaws.com
sync.ipredictive.com
6    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
4    108.138.128.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-37.jfk50.r.cloudfront.net
media.sailthru.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    124.146.215.52 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
33    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
3    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
13    72.247.65.83 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-65-83.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
10    63.251.28.233 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    52.201.180.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-180-243.compute-1.amazonaws.com
rtb.adentifi.com
14    2606:ae80:1451:20::1720 (United States)

ASN25751 (VALUECLICK, US)
pulsepoint-match.dotomi.com
medianet-match.dotomi.com
pubmatic-match.dotomi.com
33across-match.dotomi.com
prebid-match.dotomi.com
casale-match.dotomi.com
28    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
13    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
12    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    34.233.157.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-157-77.compute-1.amazonaws.com
servt.unrulyvideo.com
5    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
8    23.105.12.137 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
13    52.3.206.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-206-23.compute-1.amazonaws.com
match.prod.bidr.io
5    2607:f8b0:4006:821::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
14    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
10    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
26    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    23.220.188.182 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-188-182.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    18.164.116.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-122.jfk50.r.cloudfront.net
public.servenobid.com
2    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
12    104.126.112.26 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-26.deploy.static.akamaitechnologies.com
contextual.media.net
1    54.85.70.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-70-234.compute-1.amazonaws.com
usermatch.krxd.net
1    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    35.211.233.246 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    18.164.124.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-41.jfk50.r.cloudfront.net
cm.smadex.com
1    2a00:1450:4009:821::2003 (London, United Kingdom)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.spotim.market
sync.adtelligent.com
1    34.107.140.17 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.140.107.34.bc.googleusercontent.com
di.rlcdn.com
1    34.107.191.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.191.107.34.bc.googleusercontent.com
ids.cdnwidget.com
12    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
de.tynt.com
1    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
hde.tynt.com
2    54.230.163.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-10.ewr53.r.cloudfront.net
ib.3lift.com
1    54.88.169.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-169-209.compute-1.amazonaws.com
g2.gumgum.com
8    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
1    2600:9000:21dd:9c00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
3    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
20    35.169.215.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-215-20.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
2    50.17.85.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-85-25.compute-1.amazonaws.com
ce.lijit.com
6    23.92.190.69 (Houston, United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
11    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
5    52.4.169.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-169-33.compute-1.amazonaws.com
ssp.disqus.com
2    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
3    54.156.202.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-202-94.compute-1.amazonaws.com
crb.kargo.com
4    52.23.49.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-49-153.compute-1.amazonaws.com
pm.w55c.net
4    52.206.103.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-103-177.compute-1.amazonaws.com
ads.avct.cloud
1    34.199.73.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-73-116.compute-1.amazonaws.com
dmp.adblade.com
12    2607:f8b0:4006:816::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
32    104.18.1.32 (None, )

ASN13335 (CLOUDFLARENET, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
cks.connatix.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com
bttrack.com
3    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
3    52.22.194.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-194-176.compute-1.amazonaws.com
ads.yieldmo.com
5    35.214.225.72 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 72.225.214.35.bc.googleusercontent.com
csync.loopme.me
22    34.194.30.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-30-69.compute-1.amazonaws.com
cs.minutemedia-prebid.com
2    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
3    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
1    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
10    2600:9000:2511:a00:2:cecb:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
videos-cloudfront-usp.jwpsrv.com
4    2606:4700::6812:651 (United States)

ASN13335 (CLOUDFLARENET, US)
static.vidazoo.com
4    2600:9000:2511:cc00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
10    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.spotim.market
p.jcontentcdn.com
p.astarcdn.com
2    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
2    2604:9e00:1:129::2:a01 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.marketiq.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
6    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
2    34.149.254.212 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 212.254.149.34.bc.googleusercontent.com
pix.cdnwidget.com
1    34.149.130.207 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 207.130.149.34.bc.googleusercontent.com
idr.cdnwidget.com
1    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
events.bouncex.net
15    172.98.26.245 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-iad04.e-planning.net
sync.e-planning.net
10    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
1    207.198.113.205 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
2    172.98.26.241 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    3.223.58.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-58-25.compute-1.amazonaws.com
cookies.nextmillmedia.com
2    64.225.0.15 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
server3.vidazoo.com
1    205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
2    3.215.50.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-50-168.compute-1.amazonaws.com
sync.springserve.com
2    23.205.56.163 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-56-163.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2600:1f18:612b:4232:6fb3:e7b4:1fbc:46fc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
connatix-supply-partners.tremorhub.com
2    3.94.23.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-23-46.compute-1.amazonaws.com
k.p-n.io
1    2600:1f18:61c0:2204:dc96:d78f:7c5:6b8d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
8    142.251.35.162 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
googleads4.g.doubleclick.net
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
i.ctnsnet.com
ipac.ctnsnet.com
1    172.240.219.212 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
2    54.204.170.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-170-28.compute-1.amazonaws.com
vop.sundaysky.com
1    143.244.222.249 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.resetdigital.co
2    54.225.185.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-185-242.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    54.229.167.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-167-103.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
2    38.68.201.140 (Levittown, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
2    2607:f8b0:4006:821::2006 (Stony Point, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    104.18.0.32 (None, )

ASN13335 (CLOUDFLARENET, US)
vid.connatix.com
ins.connatix.com
1    3.232.39.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-39-216.compute-1.amazonaws.com
observe.aniview.com
1    173.231.178.115 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-7.sys.adgear.com
cm.adgrx.com
2    23.23.38.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-38-193.compute-1.amazonaws.com
thrtle.com
1    52.201.165.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-165-221.compute-1.amazonaws.com
sync.bfmio.com
2    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
2    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    172.104.121.22 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1731-22.members.linode.com
gocm.c.appier.net
2    20.85.134.6 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
2    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
2    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
3    23.76.43.24 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-76-43-24.deploy.static.akamaitechnologies.com
px.owneriq.net
2    3.216.187.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-187-16.compute-1.amazonaws.com
bpi.rtactivate.com
4    54.158.247.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-247-65.compute-1.amazonaws.com
io.narrative.io
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    18.206.138.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-138-177.compute-1.amazonaws.com
sync.crwdcntrl.net
4    2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
2    68.67.160.184 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
7    18.208.125.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-34.compute-1.amazonaws.com
sync.aniview.com
1    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
1    54.204.231.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-231-42.compute-1.amazonaws.com
metrics-logger.spot.im
4    2620:100:a001::1d (United States)

ASN19750 (AS-CRITEO, US)
ssp-sync.criteo.com
Apex Domain
Subdomains		 Transfer
110 nypost.com
nypost.com — Cisco Umbrella Rank: 9522
zephr-v4.nypost.com — Cisco Umbrella Rank: 18840
sac.nypost.com — Cisco Umbrella Rank: 17542
tags.nypost.com — Cisco Umbrella Rank: 15352
t.nypost.com — Cisco Umbrella Rank: 16707
sli.nypost.com — Cisco Umbrella Rank: 23902
1 MB
106 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 686
ads.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 809
image2.pubmatic.com — Cisco Umbrella Rank: 938
image4.pubmatic.com — Cisco Umbrella Rank: 1279
simage2.pubmatic.com — Cisco Umbrella Rank: 786
simage4.pubmatic.com — Cisco Umbrella Rank: 1265
98 KB
73 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 997
pg-prebid-server.rubiconproject.com — Cisco Umbrella Rank: 13545
fastlane.rubiconproject.com — Cisco Umbrella Rank: 572
pixel.rubiconproject.com — Cisco Umbrella Rank: 361
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1225
eus.rubiconproject.com — Cisco Umbrella Rank: 636
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1187
token.rubiconproject.com — Cisco Umbrella Rank: 632
155 KB
73 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1432
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3525
mv.outbrain.com — Cisco Umbrella Rank: 1833
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5590
sync.outbrain.com — Cisco Umbrella Rank: 750
libs.outbrain.com — Cisco Umbrella Rank: 2488
eventlog.outbrain.com — Cisco Umbrella Rank: 4111
amplify.outbrain.com — Cisco Umbrella Rank: 3298
tr.outbrain.com — Cisco Umbrella Rank: 3062
wave.outbrain.com — Cisco Umbrella Rank: 3349
236 KB
72 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
ad.doubleclick.net — Cisco Umbrella Rank: 194
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206
stats.g.doubleclick.net — Cisco Umbrella Rank: 114
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 366
692 KB
62 spot.im
launcher.spot.im — Cisco Umbrella Rank: 4951
direct-events-collector.spot.im — Cisco Umbrella Rank: 4085
static-cdn.spot.im — Cisco Umbrella Rank: 4075
publisher-assets.spot.im — Cisco Umbrella Rank: 4333
open-api.spot.im — Cisco Umbrella Rank: 9015
api-2-0.spot.im — Cisco Umbrella Rank: 2702
pix.spot.im — Cisco Umbrella Rank: 4351
metrics-logger.spot.im — Cisco Umbrella Rank: 14578
721 KB
52 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 662
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 478
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623
ssum.casalemedia.com — Cisco Umbrella Rank: 1401
dsum.casalemedia.com — Cisco Umbrella Rank: 1532
r.casalemedia.com — Cisco Umbrella Rank: 1561
45 KB
51 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 151
266 KB
39 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 640
eb2.3lift.com — Cisco Umbrella Rank: 406
ib.3lift.com — Cisco Umbrella Rank: 1566
83 KB
35 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 221
secure.adnxs.com — Cisco Umbrella Rank: 464
acdn.adnxs.com — Cisco Umbrella Rank: 573
59 KB
34 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3301
cds.connatix.com — Cisco Umbrella Rank: 3503
capi.connatix.com — Cisco Umbrella Rank: 1560
cks.connatix.com — Cisco Umbrella Rank: 6484
vid.connatix.com — Cisco Umbrella Rank: 4026
ins.connatix.com — Cisco Umbrella Rank: 4425
pl.connatix.com Failed
356 KB
33 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357
aax.amazon-adsystem.com — Cisco Umbrella Rank: 441
s.amazon-adsystem.com — Cisco Umbrella Rank: 317
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1131
82 KB
28 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1627
usersync.gumgum.com — Cisco Umbrella Rank: 1877
g2.gumgum.com — Cisco Umbrella Rank: 1750
8 KB
28 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1905
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 465
ups.analytics.yahoo.com — Cisco Umbrella Rank: 320
12 KB
28 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1171
x.bidswitch.net — Cisco Umbrella Rank: 354
11 KB
26 media.net
warp.media.net — Cisco Umbrella Rank: 2699
prebid.media.net — Cisco Umbrella Rank: 1373
cs.media.net — Cisco Umbrella Rank: 1558
contextual.media.net — Cisco Umbrella Rank: 649
hbx.media.net — Cisco Umbrella Rank: 1274
hblg.media.net — Cisco Umbrella Rank: 2148
c21lg-d.media.net — Cisco Umbrella Rank: 2495
77 KB
24 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 3702
match.adsrvr.org — Cisco Umbrella Rank: 363
13 KB
23 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 4855
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 4144
12 KB
22 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2573
public.servenobid.com — Cisco Umbrella Rank: 4869
14 KB
21 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1497
u.openx.net — Cisco Umbrella Rank: 759
us-u.openx.net — Cisco Umbrella Rank: 482
google-bidout-d.openx.net — Cisco Umbrella Rank: 1496
rtb.openx.net — Cisco Umbrella Rank: 833
3 KB
21 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1702
track1.aniview.com — Cisco Umbrella Rank: 1814
observe.aniview.com — Cisco Umbrella Rank: 2909
sync.aniview.com — Cisco Umbrella Rank: 1808
302 KB
20 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2242
cs.yellowblue.io — Cisco Umbrella Rank: 3084
11 KB
20 1rx.io
aniview-diag-server.1rx.io — Cisco Umbrella Rank: 19263
sync.1rx.io — Cisco Umbrella Rank: 601
12 KB
19 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1378
ssc-cms.33across.com — Cisco Umbrella Rank: 1204
events-ssc.33across.com — Cisco Umbrella Rank: 2429
17 KB
18 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2420
u-iad04.e-planning.net — Cisco Umbrella Rank: 7335
s.e-planning.net — Cisco Umbrella Rank: 6287
sync.e-planning.net — Cisco Umbrella Rank: 5012
i.e-planning.net — Cisco Umbrella Rank: 5533
6 KB
18 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 772
gum.criteo.com — Cisco Umbrella Rank: 425
dis.criteo.com — Cisco Umbrella Rank: 608
mug.criteo.com — Cisco Umbrella Rank: 2553
ssp-sync.criteo.com — Cisco Umbrella Rank: 1243
14 KB
16 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 861
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 693
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1707
6 KB
16 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 2017
666 KB
15 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
assets.a-mo.net — Cisco Umbrella Rank: 2113
20 KB
14 dotomi.com
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 8334
medianet-match.dotomi.com — Cisco Umbrella Rank: 12624
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4074
33across-match.dotomi.com — Cisco Umbrella Rank: 4027
prebid-match.dotomi.com — Cisco Umbrella Rank: 2443
casale-match.dotomi.com — Cisco Umbrella Rank: 3762
triplelift-match.dotomi.com — Cisco Umbrella Rank: 4453 Failed
dclk-match.dotomi.com Failed
5 KB
14 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 557
9 KB
14 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3074
rp.liadm.com — Cisco Umbrella Rank: 1622
rp4.liadm.com — Cisco Umbrella Rank: 6696
i.liadm.com — Cisco Umbrella Rank: 650
i6.liadm.com — Cisco Umbrella Rank: 2141
26 KB
13 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 615
7 KB
13 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 566
4 KB
13 turn.com
d.turn.com — Cisco Umbrella Rank: 1514
ad.turn.com — Cisco Umbrella Rank: 921
6 KB
13 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 4009
videos-cloudfront-usp.jwpsrv.com — Cisco Umbrella Rank: 5725
3 MB
13 unrulymedia.com
video.unrulymedia.com — Cisco Umbrella Rank: 16584
targeting.unrulymedia.com — Cisco Umbrella Rank: 856
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1376
13 KB
13 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2462
378 KB
12 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 558
11 KB
11 spotim.market
sync.spotim.market — Cisco Umbrella Rank: 2594
player.spotim.market — Cisco Umbrella Rank: 7894
ghb.spotim.market Failed
395 KB
10 quantumdex.io
sync.quantumdex.io — Cisco Umbrella Rank: 3039
2 KB
10 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 556
5 KB
10 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 410
id.rlcdn.com — Cisco Umbrella Rank: 814
di.rlcdn.com — Cisco Umbrella Rank: 2106
2 KB
10 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2852
api.permutive.com — Cisco Umbrella Rank: 2095
7 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 3
ampcid.google.com — Cisco Umbrella Rank: 2411
adservice.google.com — Cisco Umbrella Rank: 116
32 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 377
246 KB
9 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 3807
t.skimresources.com — Cisco Umbrella Rank: 3806
p.skimresources.com — Cisco Umbrella Rank: 4863
r.skimresources.com — Cisco Umbrella Rank: 3636
ls.skimresources.com — Cisco Umbrella Rank: 11237
17 KB
9 typekit.net
use.typekit.net — Cisco Umbrella Rank: 541
p.typekit.net — Cisco Umbrella Rank: 664
114 KB
8 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 996
ap.lijit.com — Cisco Umbrella Rank: 757
4 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 812
6 KB
8 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 3295
ping-meta-prd.jwpltx.com — Cisco Umbrella Rank: 7101
302 B
8 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 763
pixel.sitescout.com — Cisco Umbrella Rank: 3582
6 KB
8 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1034
bcp.crwdcntrl.net — Cisco Umbrella Rank: 886
sync.crwdcntrl.net — Cisco Umbrella Rank: 851
32 KB
8 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 3189
assets.bounceexchange.com — Cisco Umbrella Rank: 2241
203 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54
22 KB
7 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 603
3 KB
7 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 6258
10 KB
7 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 887
id5-sync.com — Cisco Umbrella Rank: 423
32 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
410 KB
7 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2957
entitlements.jwplayer.com — Cisco Umbrella Rank: 3877
66 KB
6 vidazoo.com
static.vidazoo.com — Cisco Umbrella Rank: 2634
server3.vidazoo.com — Cisco Umbrella Rank: 6377
185 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
338 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 604
cm.adform.net — Cisco Umbrella Rank: 1264
3 KB
6 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1398
6 KB
6 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 791
2 KB
6 presage.io
ms-cookie-sync.presage.io — Cisco Umbrella Rank: 9725
4 KB
6 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2458
ad.360yield.com — Cisco Umbrella Rank: 670
2 KB
6 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 891
5 KB
6 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1539
creativecdn.com — Cisco Umbrella Rank: 509
us.creativecdn.com Failed
3 KB
6 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 3018
274 KB
6 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 155
57 KB
6 newscgp.com
us.tags.newscgp.com — Cisco Umbrella Rank: 9370
v2.pixel.newscgp.com — Cisco Umbrella Rank: 9756
247 KB
5 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1056
1 KB
5 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1437
941 B
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 499
1 KB
5 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1077
sync.admanmedia.com — Cisco Umbrella Rank: 3533
942 B
5 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1134
3 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1194
2 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 368
1 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 318
296 KB
4 narrative.io
io.narrative.io — Cisco Umbrella Rank: 4892
1 KB
4 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 1898
268 KB
4 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4913
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 977
3 KB
4 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1694
dsp.adkernel.com — Cisco Umbrella Rank: 6926
2 KB
4 cdnwidget.com
ids.cdnwidget.com — Cisco Umbrella Rank: 3434
pix.cdnwidget.com — Cisco Umbrella Rank: 4787
idr.cdnwidget.com — Cisco Umbrella Rank: 3788
2 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 709
cdn.indexww.com — Cisco Umbrella Rank: 1671
3 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 818
2 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 841
s.tribalfusion.com — Cisco Umbrella Rank: 1914
1 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 777
881 B
4 sailthru.com
media.sailthru.com — Cisco Umbrella Rank: 12028
443 KB
4 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 4584
crb.kargo.com — Cisco Umbrella Rank: 1611
2 KB
4 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 463
imasdk.googleapis.com — Cisco Umbrella Rank: 520
ajax.googleapis.com — Cisco Umbrella Rank: 392
453 KB
4 datazoom.io
platform.datazoom.io — Cisco Umbrella Rank: 15561
broker.datazoom.io — Cisco Umbrella Rank: 15241
64 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1116
api.btloader.com — Cisco Umbrella Rank: 1172
7 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1745
2 KB
3 ctnsnet.com
i.ctnsnet.com — Cisco Umbrella Rank: 5516
ipac.ctnsnet.com — Cisco Umbrella Rank: 6307
ius.ctnsnet.com Failed
453 B
3 adtelligent.com
sync.adtelligent.com — Cisco Umbrella Rank: 3520
player.adtelligent.com — Cisco Umbrella Rank: 6936
3 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1634
2 KB
3 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 672
2 KB
3 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1102
981 B
3 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1654
hde.tynt.com — Cisco Umbrella Rank: 4091
7 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1157
3 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1148
936 B
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1093
1 KB
3 unrulyvideo.com
tg1.unrulyvideo.com — Cisco Umbrella Rank: 18881
servt.unrulyvideo.com — Cisco Umbrella Rank: 18509
7 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 857
1 KB
3 bing.com
c.bing.com — Cisco Umbrella Rank: 226
1 KB
3 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1473
3 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1661
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 638
usermatch.krxd.net — Cisco Umbrella Rank: 1494
908 B
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1190
2 KB
3 pippio.com
pippio.com — Cisco Umbrella Rank: 806
852 B
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 4570
page.cdnbasket.net — Cisco Umbrella Rank: 4571
view.cdnbasket.net — Cisco Umbrella Rank: 4572
1014 B
3 q2s15.com
us.q2s15.com — Cisco Umbrella Rank: 22823
511 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 617
csm.va.us.criteo.net Failed
73 KB
3 p-n.io
cdn.p-n.io — Cisco Umbrella Rank: 4596
k.p-n.io — Cisco Umbrella Rank: 3058
58 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
250 KB
3 flipboard.com
cdn.flipboard.com — Cisco Umbrella Rank: 8843
8 KB
3 rebelhen.com
rebelhen.com — Cisco Umbrella Rank: 18311
25 KB
2 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1628
217 B
2 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6681
2 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 7705
2 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4401
694 B
2 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2564
871 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1462
1 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1381
1 KB
2 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3316
324 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1364
682 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 5983
aep.mxptint.net Failed
967 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1616
833 B
2 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 2785
1 KB
2 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1250
connatix-supply-partners.tremorhub.com — Cisco Umbrella Rank: 10793
599 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1405
514 B
2 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 1215
411 B
2 marketiq.com
rtb2-useast.marketiq.com — Cisco Umbrella Rank: 5233
760 B
2 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 4181
1 KB
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1321
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2801
969 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1356
448 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 760
977 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1156
1 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 533
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 212
2 KB
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1620
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1668
2 KB
2 nypdev.com
api.nypdev.com — Cisco Umbrella Rank: 17919
437 B
2 zergnet.com
www.zergnet.com — Cisco Umbrella Rank: 13390
5 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1192
1 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3020
p1.parsely.com — Cisco Umbrella Rank: 2210
29 KB
2 decider.com
decider.com — Cisco Umbrella Rank: 14745
tags.decider.com — Cisco Umbrella Rank: 18621
23 KB
2 pagesix.com
pagesix.com — Cisco Umbrella Rank: 12358
tags.pagesix.com — Cisco Umbrella Rank: 17773
77 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2614
pixel.wp.com — Cisco Umbrella Rank: 2513
3 KB
2 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 6156
16 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 641
552 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2194
1 astarcdn.com
p.astarcdn.com — Cisco Umbrella Rank: 81766
1 jcontentcdn.com
p.jcontentcdn.com — Cisco Umbrella Rank: 25765
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2793
555 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1684
425 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1517
592 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2954
397 B
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2728
418 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1567
697 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1440
181 B
1 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 3604
189 B
1 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 2132
279 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1071
191 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 968
352 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 958
351 B
1 adblade.com
dmp.adblade.com — Cisco Umbrella Rank: 7919
229 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1528
296 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 3175
615 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1175
7 KB
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 3334
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1787
424 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 986
7 KB
1 rtbsystem.com
cm.rtbsystem.com — Cisco Umbrella Rank: 4129
1 KB
1 im-apps.net
sync-jp.im-apps.net — Cisco Umbrella Rank: 4137
740 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 3396
539 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1617
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 356
901 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1676
2 KB
1 prmutv.co
0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co — Cisco Umbrella Rank: 12511
388 B
1 penews.com
tags.penews.com — Cisco Umbrella Rank: 18647
3 KB
1 wsj.com
tags.wsj.com — Cisco Umbrella Rank: 14201
3 KB
1 marketwatch.com
tags.marketwatch.com — Cisco Umbrella Rank: 16687
3 KB
1 mansionglobal.com
tags.mansionglobal.com — Cisco Umbrella Rank: 18652
3 KB
1 barrons.com
tags.barrons.com — Cisco Umbrella Rank: 18218
3 KB
1 realtor.com
tags.realtor.com — Cisco Umbrella Rank: 13581
3 KB
1 ncaudienceexchange.com
www.ncaudienceexchange.com — Cisco Umbrella Rank: 11891
3 KB
1 permutive.app
0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app — Cisco Umbrella Rank: 8332
110 KB
1 zqtk.net
segment-data.zqtk.net — Cisco Umbrella Rank: 10075
330 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 644
481 B
1 watchingthat.net
cdn.watchingthat.net — Cisco Umbrella Rank: 10359
7 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 150
18 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3326
33 KB
1 videoplayerhub.com
nypost-com.videoplayerhub.com — Cisco Umbrella Rank: 18455
450 B
0 datadoghq.com Failed
browser-http-intake.logs.datadoghq.com Failed
0 admixer.net Failed
inv-nets.admixer.net Failed
0 yandex.ru Failed
an.yandex.ru Failed
0 clickagy.com Failed
aorta.clickagy.com Failed
0 media6degrees.com Failed
idpix.media6degrees.com Failed
0 intentiq.com Failed
sync.intentiq.com Failed
0 mobtrakk.com Failed
sync-dmp.mobtrakk.com Failed
0 semasio.net Failed
uipglob.semasio.net — Cisco Umbrella Rank: 1251 Failed
0 richaudience.com Failed
sync.richaudience.com — Cisco Umbrella Rank: 1928 Failed
0 brand-display.com Failed
dmp.brand-display.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 geistm.com Failed
id.geistm.com Failed
0 knewz.com Failed
tags.knewz.com Failed
1320 213
Domain Requested by
96 nypost.com nypost.com
cdn.jwplayer.com
cdn.cookielaw.org
39 cm.g.doubleclick.net 26 redirects rtb.gumgum.com
u.openx.net
eus.rubiconproject.com
eb2.3lift.com
g2.gumgum.com
googleads.g.doubleclick.net
public.servenobid.com
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
34 pagead2.googlesyndication.com imasdk.googleapis.com
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
tagan.adlightning.com
pagead2.googlesyndication.com
33 eb2.3lift.com 9 redirects s.amazon-adsystem.com
us.tags.newscgp.com
eb2.3lift.com
sync.quantumdex.io
nypost.com
ads.us.e-planning.net
31 image8.pubmatic.com 15 redirects cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
s.amazon-adsystem.com
31 sync.outbrain.com 6 redirects widgets.outbrain.com
rtb.gumgum.com
s.amazon-adsystem.com
g2.gumgum.com
31 static-cdn.spot.im launcher.spot.im
static-cdn.spot.im
tagan.adlightning.com
nypost.com
27 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
ssum.casalemedia.com
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
27 eus.rubiconproject.com s.amazon-adsystem.com
rtb.gumgum.com
eus.rubiconproject.com
ms-cookie-sync.presage.io
us.tags.newscgp.com
public.servenobid.com
hde.tynt.com
g2.gumgum.com
cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
ads.us.e-planning.net
tagan.adlightning.com
player.aniview.com
26 simage2.pubmatic.com 17 redirects cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
s.amazon-adsystem.com
nypost.com
public.servenobid.com
26 ib.adnxs.com 15 redirects us.tags.newscgp.com
0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
acdn.adnxs.com
googleads.g.doubleclick.net
eb2.3lift.com
de.tynt.com
25 usersync.gumgum.com 2 redirects rtb.gumgum.com
eus.rubiconproject.com
g2.gumgum.com
ads.pubmatic.com
25 x.bidswitch.net 22 redirects i.liadm.com
rtb.gumgum.com
nypost.com
s.amazon-adsystem.com
22 cs.minutemedia-prebid.com cs-rtb.minutemedia-prebid.com
eus.rubiconproject.com
22 match.adsrvr.org 21 redirects us.tags.newscgp.com
public.servenobid.com
22 s.amazon-adsystem.com 2 redirects tagan.adlightning.com
s.amazon-adsystem.com
rtb.gumgum.com
match.sharethrough.com
ms-cookie-sync.presage.io
u.openx.net
ssum-sec.casalemedia.com
bh.contextweb.com
eus.rubiconproject.com
ads.pubmatic.com
eb2.3lift.com
21 ads.servenobid.com us.tags.newscgp.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
eus.rubiconproject.com
ads.pubmatic.com
21 api-2-0.spot.im static-cdn.spot.im
19 sync.1rx.io 19 redirects
18 cks.connatix.com 2 redirects nypost.com
blank
16 images.outbrainimg.com nypost.com
16 widgets.outbrain.com cdn.cookielaw.org
tagan.adlightning.com
nypost.com
widgets.outbrain.com
15 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
sync.quantumdex.io
tagan.adlightning.com
14 image2.pubmatic.com 10 redirects s.amazon-adsystem.com
ads.pubmatic.com
14 us-u.openx.net 6 redirects u.openx.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
s.amazon-adsystem.com
de.tynt.com
14 ssum-sec.casalemedia.com 4 redirects s.amazon-adsystem.com
rtb.gumgum.com
ssum-sec.casalemedia.com
public.servenobid.com
js-sec.indexww.com
g2.gumgum.com
sync.quantumdex.io
ssum.casalemedia.com
de.tynt.com
14 b1sync.zemanta.com 14 redirects eb2.3lift.com
14 securepubads.g.doubleclick.net cdn.cookielaw.org
tagan.adlightning.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
nypost.com
rumcdn.geoedge.be
13 match.prod.bidr.io 13 redirects eb2.3lift.com
13 image6.pubmatic.com 2 redirects ads.pubmatic.com
13 secure-assets.rubiconproject.com 13 redirects
13 match.sharethrough.com 9 redirects s.amazon-adsystem.com
match.sharethrough.com
13 tagan.adlightning.com cdn.cookielaw.org
tagan.adlightning.com
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
12 tpc.googlesyndication.com 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
tagan.adlightning.com
12 ssc-cms.33across.com 12 redirects de.tynt.com
12 contextual.media.net us.tags.newscgp.com
contextual.media.net
cs-server-s2s.yellowblue.io
12 ad.turn.com 12 redirects
12 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
tagan.adlightning.com
public.servenobid.com
hde.tynt.com
g2.gumgum.com
ads.us.e-planning.net
sync.quantumdex.io
player.aniview.com
12 bh.contextweb.com 9 redirects s.amazon-adsystem.com
bh.contextweb.com
12 ups.analytics.yahoo.com 11 redirects google-bidout-d.openx.net
11 u-iad04.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
11 capi.connatix.com 2 redirects nypost.com
cd.connatix.com
cs-server-s2s.yellowblue.io
de.tynt.com
11 prebid.a-mo.net 6 redirects ads.pubmatic.com
player.aniview.com
11 pr-bh.ybp.yahoo.com 4 redirects widgets.outbrain.com
u.openx.net
ssum-sec.casalemedia.com
10 sync.quantumdex.io sync.adkernel.com
sync.quantumdex.io
ssum-sec.casalemedia.com
cs-server-s2s.yellowblue.io
10 videos-cloudfront-usp.jwpsrv.com ssl.p.jwpcdn.com
10 ads.stickyadstv.com 4 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
player.aniview.com
10 cdn.cookielaw.org nypost.com
cdn.cookielaw.org
9 image4.pubmatic.com 7 redirects s.amazon-adsystem.com
9 sync.targeting.unrulymedia.com 5 redirects ssbsync.smartadserver.com
cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
9 api.permutive.com 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
9 googleads.g.doubleclick.net www.googleadservices.com
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
tagan.adlightning.com
8 googleads4.g.doubleclick.net tagan.adlightning.com
8 player.spotim.market nypost.com
rumcdn.geoedge.be
8 onetag-sys.com public.servenobid.com
sync.adkernel.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
sync.quantumdex.io
ads.us.e-planning.net
8 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
8 libs.outbrain.com tagan.adlightning.com
8 pixel-us-east.rubiconproject.com 8 redirects
8 mcdp-nydc1.outbrain.com widgets.outbrain.com
8 i.liadm.com 4 redirects tagan.adlightning.com
i.liadm.com
nypost.com
ads.pubmatic.com
8 www.google-analytics.com nypost.com
www.google-analytics.com
www.googletagmanager.com
8 www.google.com nypost.com
www.gstatic.com
www.google.com
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
8 zephr-v4.nypost.com nypost.com
7 sync.aniview.com player.aniview.com
7 secure.adnxs.com 7 redirects
7 pixel-sync.sitescout.com 7 redirects us-u.openx.net
7 ssbsync.smartadserver.com 5 redirects ms-cookie-sync.presage.io
public.servenobid.com
rtb.gumgum.com
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
7 pixel.rubiconproject.com 4 redirects eus.rubiconproject.com
7 stags.bluekai.com 7 redirects us-u.openx.net
7 dis.criteo.com 7 redirects
7 elb.the-ozone-project.com us.tags.newscgp.com
elb.the-ozone-project.com
static.cloudflareinsights.com
7 track1.aniview.com nypost.com
player.aniview.com
7 assets.bounceexchange.com tag.bounceexchange.com
tagan.adlightning.com
assets.bounceexchange.com
7 aax.amazon-adsystem.com c.amazon-adsystem.com
7 use.typekit.net nypost.com
use.typekit.net
6 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
us-u.openx.net
ads.pubmatic.com
6 ap.lijit.com 6 redirects
6 www.googletagservices.com tagan.adlightning.com
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
6 sync.technoratimedia.com 6 redirects
6 sync.srv.stackadapt.com 4 redirects eb2.3lift.com
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
6 ms-cookie-sync.presage.io s.amazon-adsystem.com
ms-cookie-sync.presage.io
ssbsync.smartadserver.com
eus.rubiconproject.com
6 p.rfihub.com 6 redirects
6 id5-sync.com 4 redirects cdn.id5-sync.com
widgets.outbrain.com
ssbsync.smartadserver.com
6 player.aniview.com video.unrulymedia.com
tagan.adlightning.com
player.aniview.com
6 prebid-server.rubiconproject.com us.tags.newscgp.com
nypost.com
hde.tynt.com
blank
6 ssl.p.jwpcdn.com cdn.jwplayer.com
tagan.adlightning.com
6 sb.scorecardresearch.com 3 redirects nypost.com
6 cdn.jwplayer.com 3 redirects nypost.com
cdn.jwplayer.com
ssl.p.jwpcdn.com
5 csync.loopme.me 5 redirects
5 cs.yellowblue.io contextual.media.net
cs-server-s2s.yellowblue.io
eus.rubiconproject.com
5 ssp.disqus.com 5 redirects
5 pixel.tapad.com 3 redirects s.amazon-adsystem.com
us-u.openx.net
5 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 prd.jwpltx.com nypost.com
5 creativecdn.com 5 redirects
5 sync.go.sonobi.com 4 redirects widgets.outbrain.com
5 rtb.mfadsrvr.com 5 redirects eb2.3lift.com
5 px.ads.linkedin.com 1 redirects widgets.outbrain.com
eus.rubiconproject.com
eb2.3lift.com
5 idsync.rlcdn.com 3 redirects google-bidout-d.openx.net
s.amazon-adsystem.com
5 c2shb.ssp.yahoo.com us.tags.newscgp.com
5 fastlane.rubiconproject.com us.tags.newscgp.com
5 s0.2mdn.net imasdk.googleapis.com
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
tagan.adlightning.com
4 ssp-sync.criteo.com static.criteo.net
blank
4 assets.a-mo.net prebid.a-mo.net
4 io.narrative.io 2 redirects nypost.com
public.servenobid.com
4 rumcdn.geoedge.be static-cdn.spot.im
rumcdn.geoedge.be
player.spotim.market
4 static.vidazoo.com tagan.adlightning.com
blank
4 pubmatic-match.dotomi.com 4 redirects
4 ads.avct.cloud 4 redirects
4 pm.w55c.net 4 redirects eb2.3lift.com
4 token.rubiconproject.com 4 redirects
4 um.simpli.fi 4 redirects eb2.3lift.com
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
4 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
eb2.3lift.com
4 media.sailthru.com nypost.com
4 ad.360yield.com 4 redirects
4 id.rlcdn.com 2 redirects contextual.media.net
tagan.adlightning.com
us-u.openx.net
4 sync.crwdcntrl.net 1 redirects widgets.outbrain.com
nypost.com
ads.pubmatic.com
4 mv.outbrain.com tagan.adlightning.com
4 tlx.3lift.com us.tags.newscgp.com
tagan.adlightning.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 us.tags.newscgp.com 2 redirects nypost.com
3 px.owneriq.net 3 redirects
3 hblg.media.net nypost.com
blank
3 pix.spot.im static-cdn.spot.im
3 ads.betweendigital.com 3 redirects
3 ads.yieldmo.com 3 redirects
3 sync.taboola.com 3 redirects
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 crb.kargo.com 2 redirects s.amazon-adsystem.com
3 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
3 sync.adkernel.com public.servenobid.com
sync.adkernel.com
ads.us.e-planning.net
3 sync.spotim.market nypost.com
ads.pubmatic.com
3 ping-meta-prd.jwpltx.com nypost.com
3 a.tribalfusion.com 1 redirects ads.pubmatic.com
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
3 cs.admanmedia.com rtb.gumgum.com
cs-rtb.minutemedia-prebid.com
g2.gumgum.com
player.aniview.com
3 tg.socdm.com 3 redirects
3 match.deepintent.com 2 redirects rtb.gumgum.com
3 sync.ipredictive.com 3 redirects us-u.openx.net
3 cms.quantserve.com 3 redirects 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
3 c.bing.com widgets.outbrain.com
eb2.3lift.com
3 u.openx.net 2 redirects s.amazon-adsystem.com
3 loadus.exelator.com 2 redirects widgets.outbrain.com
3 dsp.adfarm1.adition.com 3 redirects
3 sync.mathtag.com 2 redirects i.liadm.com
eb2.3lift.com
3 pippio.com 2 redirects i.liadm.com
3 gum.criteo.com 1 redirects tagan.adlightning.com
contextual.media.net
3 us.q2s15.com cdn.watchingthat.net
3 cs.media.net 1 redirects contextual.media.net
nypost.com
3 bidder.criteo.com us.tags.newscgp.com
static.criteo.net
3 pg-prebid-server.rubiconproject.com us.tags.newscgp.com
3 assets-jpcust.jwpsrv.com nypost.com
3 static.criteo.net tagan.adlightning.com
us.tags.newscgp.com
static.criteo.net
3 t.skimresources.com nypost.com
s.skimresources.com
3 htlb.casalemedia.com us.tags.newscgp.com
3 grid.bidswitch.net us.tags.newscgp.com
3 prebid.media.net us.tags.newscgp.com
3 c.amazon-adsystem.com nypost.com
c.amazon-adsystem.com
player.spotim.market
3 api.btloader.com nypost-com.videoplayerhub.com
3 www.googletagmanager.com nypost.com
www.googletagmanager.com
cdn.cookielaw.org
3 cdn.flipboard.com nypost.com
3 rebelhen.com nypost.com
rebelhen.com
2 bpi.rtactivate.com nypost.com
ads.pubmatic.com
us-u.openx.net
2 core.iprom.net ads.pubmatic.com
2 matching.truffle.bid ads.pubmatic.com
2 mweb.ck.inmobi.com 2 redirects
2 ipac.ctnsnet.com ads.pubmatic.com
2 gocm.c.appier.net 2 redirects
2 t.adx.opera.com 2 redirects 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
2 ums.acuityplatform.com 2 redirects
2 ad.mrtnsvr.com 2 redirects
2 player.adtelligent.com player.spotim.market
2 thrtle.com 1 redirects s.amazon-adsystem.com
2 pmp.mxptint.net 1 redirects s.amazon-adsystem.com
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
2 vop.sundaysky.com 2 redirects
2 k.p-n.io cdn.p-n.io
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 sync.springserve.com ssum-sec.casalemedia.com
ssum.casalemedia.com
2 r.casalemedia.com ssum-sec.casalemedia.com
ssum.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 server3.vidazoo.com static.vidazoo.com
2 sync.e-planning.net ads.us.e-planning.net
eus.rubiconproject.com
rtb.gumgum.com
eb2.3lift.com
2 prebid-match.dotomi.com 2 redirects
2 s.e-planning.net ads.us.e-planning.net
2 c21lg-d.media.net contextual.media.net
2 ads.us.e-planning.net 1 redirects sync.adkernel.com
2 pix.cdnwidget.com 1 redirects nypost.com
2 33across-match.dotomi.com 2 redirects
2 rtb2-useast.marketiq.com 2 redirects
2 cdn.indexww.com ssum-sec.casalemedia.com
2 cs.krushmedia.com 2 redirects
2 odr.mookie1.com 2 redirects
2 cds.connatix.com nypost.com
tagan.adlightning.com
2 tr.outbrain.com amplify.outbrain.com
tagan.adlightning.com
2 medianet-match.dotomi.com 2 redirects
2 sync.admanmedia.com 2 redirects
2 hbx.media.net 1 redirects contextual.media.net
2 ce.lijit.com 2 redirects
2 ib.3lift.com tagan.adlightning.com
2 de.tynt.com 1 redirects tagan.adlightning.com
2 a.sportradarserving.com 2 redirects
2 js-sec.indexww.com us.tags.newscgp.com
2 acdn.adnxs.com us.tags.newscgp.com
2 servt.unrulyvideo.com nypost.com
blank
2 pulsepoint-match.dotomi.com 2 redirects
2 rtb.adentifi.com 1 redirects ssum-sec.casalemedia.com
eb2.3lift.com
2 s.ad.smaato.net 2 redirects sync.quantumdex.io
2 ice.360yield.com 2 redirects
2 ps.eyeota.net 1 redirects widgets.outbrain.com
2 aa.agkn.com widgets.outbrain.com
public.servenobid.com
us-u.openx.net
2 beacon.krxd.net widgets.outbrain.com
nypost.com
2 dpm.demdex.net 1 redirects widgets.outbrain.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
s.amazon-adsystem.com
2 rtb.gumgum.com s.amazon-adsystem.com
ads.us.e-planning.net
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 i6.liadm.com i.liadm.com
2 live.rezync.com 2 redirects
2 oajs.openx.net 1 redirects nypost.com
2 direct.adsrvr.org us.tags.newscgp.com
2 ls.skimresources.com s.skimresources.com
2 tags.crwdcntrl.net tagan.adlightning.com
s.e-planning.net
2 fonts.gstatic.com www.google.com
2 api.nypdev.com nypost.com
2 p.skimresources.com nypost.com
2 t.nypost.com nypost.com
t.nypost.com
2 targeting.unrulymedia.com us.tags.newscgp.com
2 tags.nypost.com 1 redirects nypost.com
2 v2.pixel.newscgp.com us.tags.newscgp.com
2 broker.datazoom.io platform.datazoom.io
2 www.zergnet.com nypost.com
tagan.adlightning.com
2 video.unrulymedia.com cdn.cookielaw.org
player.aniview.com
2 imasdk.googleapis.com cdn.jwplayer.com
tagan.adlightning.com
2 b-code.liadm.com www.googletagmanager.com
b-code.liadm.com
2 ad-delivery.net nypost.com
2 publisher-assets.spot.im launcher.spot.im
nypost.com
2 p.typekit.net use.typekit.net
2 launcher.spot.im nypost.com
2 cdn.speedcurve.com nypost.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 platform.datazoom.io nypost.com
platform.datazoom.io
1 metrics-logger.spot.im static-cdn.spot.im
1 vid.vidoomy.com player.aniview.com
1 p.astarcdn.com rumcdn.geoedge.be
1 p.jcontentcdn.com rumcdn.geoedge.be
1 match.adsby.bidtheatre.com 1 redirects
1 sync.bfmio.com s.amazon-adsystem.com
1 cm.adgrx.com 1 redirects
1 observe.aniview.com player.aniview.com
1 ins.connatix.com cd.connatix.com
1 vid.connatix.com cd.connatix.com
1 synchroscript.deliveryengine.adswizz.com s.amazon-adsystem.com
1 sync.resetdigital.co 1 redirects
1 sync.colossusssp.com 1 redirects
1 connatix-supply-partners.tremorhub.com 1 redirects
1 i.ctnsnet.com 1 redirects
1 d.adroll.com ssum.casalemedia.com
1 partners.tremorhub.com googleads.g.doubleclick.net
1 i.e-planning.net ads.us.e-planning.net
1 cookies.nextmillmedia.com 1 redirects
1 rtb.openx.net 1 redirects us-u.openx.net
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
1 pixel.sitescout.com 1 redirects
1 sync.adtelligent.com sync.quantumdex.io
1 simage4.pubmatic.com ads.pubmatic.com
1 ssbsync-global.smartadserver.com 1 redirects
1 events.bouncex.net nypost.com
1 idr.cdnwidget.com nypost.com
1 trace.mediago.io 1 redirects
1 dsp.adkernel.com 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 bttrack.com 1 redirects
1 cd.connatix.com 1 redirects
1 wave.outbrain.com amplify.outbrain.com
1 dmp.adblade.com contextual.media.net
1 cm.adform.net 1 redirects
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 hde.tynt.com us.tags.newscgp.com
1 ids.cdnwidget.com assets.bounceexchange.com
1 di.rlcdn.com nypost.com
1 pixel.advertising.com 1 redirects
1 csi.gstatic.com imasdk.googleapis.com
1 cm.smadex.com 1 redirects
1 static.cloudflareinsights.com elb.the-ozone-project.com
1 amplify.outbrain.com widgets.outbrain.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 usermatch.krxd.net 1 redirects
1 public.servenobid.com us.tags.newscgp.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 eventlog.outbrain.com widgets.outbrain.com
1 google-bidout-d.openx.net tagan.adlightning.com
1 s.company-target.com 1 redirects
1 s.tribalfusion.com 1 redirects
1 mug.criteo.com nypost.com
1 maxcdn.bootstrapcdn.com nypost.com
1 adservice.google.com tagan.adlightning.com
1 tg1.unrulyvideo.com tagan.adlightning.com
1 cm.rtbsystem.com 1 redirects
1 sync-jp.im-apps.net widgets.outbrain.com
1 d.turn.com 1 redirects
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 view.cdnbasket.net assets.bounceexchange.com
1 page.cdnbasket.net assets.bounceexchange.com
1 data.cdnbasket.net assets.bounceexchange.com
1 krk.kargo.com us.tags.newscgp.com
1 ajax.googleapis.com player.aniview.com
1 sli.nypost.com nypost.com
1 oa.openxcdn.net tagan.adlightning.com
1 cdn-ima.33across.com tagan.adlightning.com
1 cdn.jsdelivr.net tagan.adlightning.com
1 invstatic101.creativecdn.com tagan.adlightning.com
1 cdn.id5-sync.com tagan.adlightning.com
1 cdn.prod.uidapi.com tagan.adlightning.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.permutive.com 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
1 r.skimresources.com s.skimresources.com
1 0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
1 rp4.liadm.com nypost.com
1 rp.liadm.com 1 redirects
1 widget-pixels.outbrain.com nypost.com
1 ampcid.google.com www.google-analytics.com
1 aniview-diag-server.1rx.io nypost.com
1 tags.penews.com us.tags.newscgp.com
1 tags.pagesix.com us.tags.newscgp.com
1 tags.decider.com us.tags.newscgp.com
1 tags.wsj.com us.tags.newscgp.com
1 tags.marketwatch.com us.tags.newscgp.com
1 tags.mansionglobal.com us.tags.newscgp.com
1 tags.barrons.com us.tags.newscgp.com
1 tags.realtor.com us.tags.newscgp.com
1 www.ncaudienceexchange.com us.tags.newscgp.com
1 sac.nypost.com storage.googleapis.com
1 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app cdn.cookielaw.org
1 s.skimresources.com cdn.cookielaw.org
1 segment-data.zqtk.net nypost.com
1 cdn.p-n.io cdn.cookielaw.org
1 tag.bounceexchange.com nypost.com
1 p1.parsely.com nypost.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 www.facebook.com nypost.com
1 pixel.wp.com nypost.com
1 ad.doubleclick.net nypost.com
1 static.adsafeprotected.com nypost.com
1 storage.googleapis.com www.googletagmanager.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 cdn.watchingthat.net cdn.jwplayer.com
1 open-api.spot.im nypost.com
1 direct-events-collector.spot.im launcher.spot.im
1 warp.media.net us.tags.newscgp.com
1 decider.com nypost.com
1 pagesix.com nypost.com
1 www.googleadservices.com nypost.com
1 stats.wp.com nypost.com
1 d1z2jf7jlzjs58.cloudfront.net nypost.com
1 ak.sail-horizon.com nypost.com
1 btloader.com nypost.com
1 nypost-com.videoplayerhub.com 1 redirects
0 browser-http-intake.logs.datadoghq.com Failed static-cdn.spot.im
0 csm.va.us.criteo.net Failed gum.criteo.com
0 pl.connatix.com Failed cd.connatix.com
0 inv-nets.admixer.net Failed player.aniview.com
0 an.yandex.ru Failed 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
0 ius.ctnsnet.com Failed 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
0 dclk-match.dotomi.com Failed 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
0 aorta.clickagy.com Failed us-u.openx.net
0 idpix.media6degrees.com Failed us-u.openx.net
0 aep.mxptint.net Failed 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
0 sync.intentiq.com Failed nypost.com
0 ghb.spotim.market Failed player.spotim.market
0 us.creativecdn.com Failed eb2.3lift.com
0 triplelift-match.dotomi.com Failed eb2.3lift.com
0 sync-dmp.mobtrakk.com Failed rtb.gumgum.com
0 uipglob.semasio.net Failed public.servenobid.com
0 sync.richaudience.com Failed ads.us.e-planning.net
0 dmp.brand-display.com Failed ssum-sec.casalemedia.com
ssum.casalemedia.com
0 sync.search.spotxchange.com Failed match.sharethrough.com
nypost.com
googleads.g.doubleclick.net
tagan.adlightning.com
0 id.geistm.com Failed widgets.outbrain.com
0 tags.knewz.com Failed us.tags.newscgp.com
1320 378

This site contains no links.

Subject Issuer Validity Valid
nypost.com
R3		 2023-07-22 -
2023-10-20		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
zephr-v4.pagesix.com
Amazon RSA 2048 M01		 2023-06-24 -
2024-07-22		 a year crt.sh
us.tags.newscgp.com
Amazon RSA 2048 M02		 2023-04-20 -
2024-05-17		 a year crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-01-16		 a year crt.sh
*.datazoom.io
Amazon RSA 2048 M01		 2023-02-20 -
2024-03-21		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-19 -
2024-05-20		 a year crt.sh
rebelhen.com
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.flipboard.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-12		 a year crt.sh
*.spot.im
Amazon RSA 2048 M01		 2023-02-21 -
2023-11-01		 8 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-12-25		 10 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
pagesix.com
R3		 2023-07-21 -
2023-10-19		 3 months crt.sh
decider.com
R3		 2023-08-14 -
2023-11-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.watchingthat.net
R3		 2023-07-08 -
2023-10-06		 3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-02-28 -
2024-01-30		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-23 -
2023-08-21		 3 months crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1		 2023-04-11 -
2024-05-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
tag.bounceexchange.com
R3		 2023-07-23 -
2023-10-21		 3 months crt.sh
pushlycdn.com
Amazon RSA 2048 M02		 2023-02-27 -
2024-02-13		 a year crt.sh
*.zqtk.net
Amazon RSA 2048 M01		 2023-06-18 -
2024-07-15		 a year crt.sh
*.skimresources.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-25 -
2023-11-08		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-07-09 -
2023-10-07		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
*.zergnet.com
Amazon RSA 2048 M01		 2023-02-11 -
2024-03-11		 a year crt.sh
v2.pixel.nypp.data.newscorp.com
GTS CA 1D4		 2023-06-24 -
2023-09-22		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-07-05 -
2023-10-03		 3 months crt.sh
ncaudienceexchange.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-10-20		 8 months crt.sh
tags.penews.com
Amazon RSA 2048 M02		 2023-04-30 -
2024-05-28		 a year crt.sh
v2.pixel.newscgp.com
GTS CA 1D4		 2023-07-03 -
2023-10-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2023-07-24 -
2023-10-22		 3 months crt.sh
*.nypost.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-03-24		 a year crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-11-09		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2023-07-18 -
2024-06-28		 a year crt.sh
*.prmutv.co
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.nypdev.com
Amazon RSA 2048 M01		 2023-02-25 -
2024-03-25		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
api.permutive.com
R3		 2023-06-17 -
2023-09-15		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-06-27 -
2023-09-25		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
sli.nypost.com
Amazon RSA 2048 M01		 2023-03-13 -
2024-04-10		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M02		 2023-04-29 -
2024-05-27		 a year crt.sh
the-ozone-project.com
E1		 2023-06-30 -
2023-09-28		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-23 -
2023-11-15		 6 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-02 -
2024-03-02		 a year crt.sh
q2s15.com
Amazon RSA 2048 M02		 2023-01-23 -
2024-02-22		 a year crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
data.cdnbasket.net
GTS CA 1D4		 2023-07-17 -
2023-10-15		 3 months crt.sh
page.cdnbasket.net
GTS CA 1D4		 2023-07-20 -
2023-10-18		 3 months crt.sh
view.cdnbasket.net
GTS CA 1D4		 2023-07-26 -
2023-10-24		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-06-07 -
2024-07-06		 a year crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-13		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
wl2.aniview.com
R3		 2023-07-24 -
2023-10-22		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.ogury.co
Amazon RSA 2048 M01		 2023-07-19 -
2024-08-16		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
media.sailthru.com
Amazon RSA 2048 M01		 2023-04-05 -
2024-05-03		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.unrulyvideo.com
Amazon RSA 2048 M01		 2023-02-10 -
2024-03-10		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
ids.cdnwidget.com
R3		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
dmp.adblade.com
R3		 2023-06-29 -
2023-09-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
jwpsrv.com
Amazon RSA 2048 M02		 2023-03-20 -
2024-04-16		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
player.spotim.market
R3		 2023-06-17 -
2023-09-15		 3 months crt.sh
idr.cdnwidget.com
R3		 2023-07-16 -
2023-10-14		 3 months crt.sh
*.wunderkind.co
R3		 2023-08-08 -
2023-11-06		 3 months crt.sh
ads.us.e-planning.net
R3		 2023-07-14 -
2023-10-12		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.e-planning.net
R3		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2022-08-22 -
2023-09-23		 a year crt.sh
*.vidazoo.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-12 -
2024-04-03		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-09 -
2024-02-09		 a year crt.sh
*.springserve.com
Amazon RSA 2048 M02		 2023-08-02 -
2024-08-30		 a year crt.sh
*.p-n.io
Amazon RSA 2048 M01		 2023-02-27 -
2024-01-21		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
player.adtelligent.com
R3		 2023-07-19 -
2023-10-17		 3 months crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
p.jcontentcdn.com
R3		 2023-06-16 -
2023-09-14		 3 months crt.sh
p.astarcdn.com
R3		 2023-08-12 -
2023-11-10		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-07-02 -
2023-09-30		 3 months crt.sh

This page contains 203 frames:

Primary Page: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Frame ID: 4F4395DEB30224F5B6B60B1A597A5E1E
Requests: 530 HTTP requests in this frame

Frame: https://www.ncaudienceexchange.com/prod/ncg/cookie.html
Frame ID: C6E9B64BD0BDC2893842C41EA78AE945
Requests: 1 HTTP requests in this frame

Frame: https://tags.realtor.com/prod/ncg/cookie.html
Frame ID: 334C9FBD2D92383B75C568DEC5F8FE79
Requests: 1 HTTP requests in this frame

Frame: https://tags.barrons.com/prod/ncg/cookie.html
Frame ID: F8BCAE239BF0A0ADB76461D654D0687E
Requests: 1 HTTP requests in this frame

Frame: https://tags.mansionglobal.com/prod/ncg/cookie.html
Frame ID: 63CAF04D9018AB3B5D344E01CBAE030E
Requests: 1 HTTP requests in this frame

Frame: https://tags.marketwatch.com/prod/ncg/cookie.html
Frame ID: 14B970688FA7519DC07151444058757A
Requests: 1 HTTP requests in this frame

Frame: https://tags.wsj.com/prod/ncg/cookie.html
Frame ID: AD3DACBFC8F93D54CC4CCE71AE1282D5
Requests: 1 HTTP requests in this frame

Frame: https://tags.decider.com/prod/ncg/cookie.html
Frame ID: 83CB317D51C43C053E06661D4E766D2F
Requests: 1 HTTP requests in this frame

Frame: https://tags.pagesix.com/prod/ncg/cookie.html
Frame ID: 3264051DF51E86E61F88D44A5744CAE9
Requests: 1 HTTP requests in this frame

Frame: https://tags.knewz.com/prod/ncg/cookie.html
Frame ID: 0C0955598EEDA30CC2072A656A987787
Requests: 1 HTTP requests in this frame

Frame: https://tags.penews.com/prod/ncg/cookie.html
Frame ID: 2FF94EF697E47086A75C95C0A5796022
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=bwt9h2oraqm2
Frame ID: 503EE0D23E0072E401AB4E0E7AC812AA
Requests: 7 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4808754495638454
Frame ID: BFB1267AA96D06FA3167206815E8C304
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Frame ID: 1D153661E70071CF0AECE40585B9F6FC
Requests: 1 HTTP requests in this frame

Frame: https://t.nypost.com/a/ts_.htm?ver=1.1229.65&cid=c057
Frame ID: 4709CE5635444CB262CF84DCB66F14A9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: 0C379E63829F313CD4394DF11B54ACF0
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 21B978F18DA6C0E105BE047EAF2ABD5C
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01qt?s=&cim=&ps=true&ls=true&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&ppid=0&euns=1&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Frame ID: 4296B04B4FCC816C85B480C7FF116231
Requests: 8 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 25DDA35316633ED7291E1874F99D2E58
Requests: 2 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Frame ID: D6F68D8829A01CFD3CA291A8F08FC30E
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 6AFB3BDE321CFBD3F6037B14E08B8F23
Requests: 34 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=nypost.com&us_privacy=1---
Frame ID: 3F7D7E33F5E1F1DAA141A32DE6CE43B0
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 93CF52805B5193ADA5CDA97332814A60
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 92A6B4B11AEB07B816BA88BD6AC734BB
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 589C8DE5344F0F589779DECB3B03AF56
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 01F101238CC9C7E81CD6C8CA469CE91E
Requests: 18 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Frame ID: 6D9C72690A56FDD094B90720D5D3431D
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 7D8D7978D9C810E2C4197C8267036CB3
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: F454C7BE41F8E6EAB31726581CADA413
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1SX2JHaWZWRTJ1SkJjUkZLRkhQX2RDbnBxTkM5VWJYS35B
Frame ID: 09E2EE0B87DB89729988662087BD18F1
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 74B7C765E7BEEBA7EBFAF49AE68E23CF
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6125384915149995829&ex=appnexus.com
Frame ID: 32F33B0778D099E672D32FAE4DEFB7ED
Requests: 1 HTTP requests in this frame

Frame: https://nypost.com/wp-includes/js/jquery/jquery.js
Frame ID: C3216A7F3AD9711F5B2008904F214832
Requests: 9 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZNoi9QAIevMY0AAN&gdpr=&gdpr_consent=&_test=ZNoi9QAIevMY0AAN
Frame ID: 32DD11FDD0E0C99AF4BF4A3EE4122C71
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84NjY3NWEyZS0xZmEzLTRkNGEtOGRmMy03Nzc0ZjJmYzA2OTc=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: B527D8455A72CFF1E1B0FC46D1953098
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: A8B5A12105013F239964E2B18C510283
Requests: 13 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=885e676c-3a70-45fe-acfc-e7ad294a43e8
Frame ID: ECA0BB0BA363A43B32D8BAB7C8162E8C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
Frame ID: 6AD39DE922E0F2784B9513833C3164A9
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=689661242672352996219
Frame ID: A49A5668AB45F428B9EF6666DE9F3023
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 783A447502DFF3C6B8856DF3A8B83275
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 06415319D2FC8E36F63EBB4AEBC6F15B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=nbVMDximHKFhSA45Jmrh&pi=gumgum&tc=1
Frame ID: 9927F03C86F9427A2EDF5035AF2961A4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 2EA6BE0FEAFDB02E7E93CC372CFF6E66
Requests: 3 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: B812FCA76220495249197E8EC82F1DD5
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 3401DC3BC3F9C4779771151E61A5CED2
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Frame ID: C1C01C5C29E1BA2785AC1AE682D7687A
Requests: 3 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=false&gdpr_consent=undefined
Frame ID: 923A2089826B2770DC8F3D42B06CA885
Requests: 6 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=3ebbb7b7-7e3b-46d4-93bf-dc08b9e67ea7
Frame ID: 55A33F71A8FA3290E83CF5D21945FF63
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: E59FD9CE2048E642EE7CFD81451C6265
Requests: 2 HTTP requests in this frame

Frame: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 779A06D5AFB539E9747219829D4CE2B2
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 37FF7897E29B0B73C96604C306190AC2
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID68531A78-C812-44CF-A2C6-1C611A476111
Frame ID: 23F7C510B8BCFDD30509F76DBF03C31C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 372901A396998CA38821ED44241D5D48
Requests: 3 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=e27f856b-b396-4c82-98f1-d0573477e720&publisherId=OZONENYP0001&siteId=1500000033&cb=1692017396666&bidder=ozone
Frame ID: E2263883E641EB2848889D43EF73712C
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: EA620068EE21C3EADB1F4175ABE1D6F1
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 65B4FB93DCB8AB23CBA585884D40CBA6
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: AC0051D0DE904FF1E628EB406BDBDB08
Requests: 11 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html?usp_consent=1---
Frame ID: 97AD97CDBED15E044825450FE417B440
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 732C8F2BBD37B056712E7B2B43597BCE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E96A5131613054FAA689C695A4AFCF56
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3D211D5FC19FF39F05F6269268511873
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: B8106BA5F3A2D4EC488841CB17630B02
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 2B9D70CCCAE0D1F9400EA9A11CE3FD4D
Requests: 9 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Frame ID: 1A41BE6F66E4BAAC170B089BEA39BB90
Requests: 6 HTTP requests in this frame

Frame: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 06C00FE0A3570E34952A60D5C548657C
Requests: 21 HTTP requests in this frame

Frame: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A7614D0220A7C06F16E4D8EA10AB01E9
Requests: 21 HTTP requests in this frame

Frame: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A17B86675A9EF7D348F6E360ADF30DB5
Requests: 21 HTTP requests in this frame

Frame: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7F85476F72F76AD65A2A0BCD561A516C
Requests: 20 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Frame ID: 067A2D2714BEAD45A5BC226997055919
Requests: 8 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Frame ID: 4EF7B474D413AEAABD74667458B1EA18
Requests: 8 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 6F540A3B9836AEA013849CC25CEFB161
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 7119713697388185CF2B0FC3927E8B60
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: DB39E6E11839A5DCA67482D932BA7AF5
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: D9EDB84A4FEDC802C63FB8D71854BD1F
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 31AA8DA4E654C43730612412392810AC
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 5852E404E31FA66F785D6BBBC12819A5
Requests: 7 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 860CCD1190EBFBCEFAD59780FD207168
Requests: 27 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1---&
Frame ID: A8E81CE1458F84C3AE69168C92AA0D8A
Requests: 2 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 85EC824BEC7B3F792C5DF37E1B92A640
Requests: 19 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3350189961523764000V10&type=rkt&refUrl=&vid=20173994373350189961523764000V10&ovsid=969188718189332721
Frame ID: FC60034A1D5CC0740AD667AE3F594106
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F02F4454795CFD98E36FBC6305A5E3FE
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1CC2973E48FE975BAAE05FAEAE094335
Requests: 10 HTTP requests in this frame

Frame: https://cds.connatix.com/p/313598/connatix.player.js
Frame ID: 8C8F387FCD8924D8C4BB06EF492F198E
Requests: 15 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: 32A4F9875DA4D9A712F7E2827BE83879
Requests: 13 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: 465506BF838E4FC3FD2B006DA897742A
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Frame ID: DFF7A0D19945D9DD908880BB4B6D08AC
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D25%26external_user_id%3D
Frame ID: BEECF2FACD576F1834FA37AF74E61565
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
Frame ID: D6880CE963D4BFBAEAEDDFA8109E464E
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: A31CA4C19B0A648632C3195A73A3E360
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: AE0EAEB462070D60055037EBFA886AF4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 164CB73082E70D488A796F87F80F7D33
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: A9F5BB9EBC943FEA106EF8197CB1BBBE
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5adb88524e24e50&us_privacy=1---
Frame ID: 7AE7533B6AFEF9C164EE86861E334221
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Frame ID: 08FCC4F86D5056365B79B5F33D57850D
Requests: 16 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/152media
Frame ID: 8ED7BB876667099285044AA9C1329FF1
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: A593B38615CDE8EB2DEDBEA3562AC3B8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: 3CDC6AAA5174D0E0625C6BC85BF20FD0
Requests: 3 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84NjY3NWEyZS0xZmEzLTRkNGEtOGRmMy03Nzc0ZjJmYzA2OTc=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 10FF652A773053CF262102EAE80C117C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: F7437BAB513365180763B0C9637737C2
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 1A392D5B1B0D3A1697C10FA461950FCA
Requests: 1 HTTP requests in this frame

Frame: https://tlx.3lift.com/web/auction?inv_code=NYPost_Sidebar_native_header&referrer=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&rev=bbfe464&fe=0&ft=1&cb=4146567284
Frame ID: 7FD6136AB56D96D7BF36157A9508A80C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: EFF5F1A77BFE4ECB7A5F6D3691CE70C6
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: CF6D16BCB68A2B2E9FD458D488AEFC77
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNXfJ__NwFlAFnSoFuHaJ9OOrMPyg0BMbuXdRAQhk2d8fk9lLZwwUkaLmv_YY3obT3yM-IqeoVnEwsnQxOLgb0eritgP8Q
Frame ID: 8075518CA96913DFCD59E70C00B718CD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0YtbrPzQEwAQ&v=APEucNXZTA4iTRxY2xwKcS8BgvJj-jYMQF4K8Ui-o40dEJ899l76Bsf7jZSKxWHgH5Eh4yhSSDUhwA6vxclZqNydL90kUbJWkw
Frame ID: 7B88AB9DF38F2922DD1BF4CF6AA51918
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNX_4qPsaqD6xjgLd9L33a5ECzXCAJ14IKt-s-21nKNH-Hm-LIs9VuGTglVKBKJPRkV3JETzJ33F_vQQqxPwKAmbW8Iqew
Frame ID: C2DE02368D54EF681304CACECC010A58
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNUmqZlCbjXlD6fEmfTcV-oqHJJ3OshC6nFDLcnsd-CiFvntuHjULZEk-KL-Olrpg3esgK1OgkWMxdZ8e7EIbi77TuvQsA
Frame ID: 4E72A0835CD076C76939109D7334EE37
Requests: 4 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: FCDD04F18485D72228FCC6BD6356EC32
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 112823BABFB5AB7BF60C4CFD179F95B2
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: EE211E4C03A77B84F04EAF4C668DB0ED
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Frame ID: 32437CFDB35F9A685173F9E077321D76
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D9e327913d98873c4%26uid%3D
Frame ID: 048C90A5AE9D93CB032FC46CDC789E50
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9e327913d98873c4%26uid%3D
Frame ID: 3F0AD070AA309A28777458ADC8CA13CF
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 88F59CE2E55CA107E6348FD48B166DCD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 2CFAFFC50915D1C0CDB37BE804FEA573
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: E96EEC97D89E05A7900E55F0FBD205DD
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: EC117860593B84FCBF0AAAFDBC2E5356
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: AA764E43E95B1152EF7A427E7FC7AE2E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Frame ID: 8A818DB6E87C3E2A58FF84C983694097
Requests: 2 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3dfddb0e4239674cab881846b90d9a1b4b%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X&gdpr=0
Frame ID: FD1B8BD0FE25FCA9822C8E6361501696
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Frame ID: CC54AF08B065FA08862E66C86017235A
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Frame ID: 695E74E03A6BE54F9ED66DCB273315F6
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Frame ID: A5B2AD17DFF72A90A7639B98D387FCF9
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Frame ID: 38D608D3C78374EF0230B7125FF13F4B
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Frame ID: 2355CD228B035CBE9946D8757C96B2DA
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:b7GxuppY1Qvx1d5&gdpr=0&gdpr_consent=
Frame ID: 7167118A94D1FF397FFE99D7C2AE4899
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=68531A78-C812-44CF-A2C6-1C611A476111
Frame ID: 63B79DD212F6A761E84305114967619F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=68531A78-C812-44CF-A2C6-1C611A476111
Frame ID: BB6A3E97F1802859009D09CC36976FAB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 672A03F248721A1D7C976541F2596017
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1E18E570E66F417AE433A84BA02C8109
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6A7EEA85228B95A69F53A53ED533EB0A
Requests: 9 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188718189332721
Frame ID: 7F22015CB24FB8AC3284A167B3C6647D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=68531A78-C812-44CF-A2C6-1C611A476111&redir=true&gdpr=0&gdpr_consent=
Frame ID: 2A4B2DAB45DB16A5ACCF023E22635DD9
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 3F7F2449F11A36F33A0324453356E2CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6125384915149995829&gdpr=0&gdpr_consent=
Frame ID: 5645DF9A4B5EC108F0203CA544E85960
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=17c778fa-3aa1-11ee-969c-688d4aa15bb1
Frame ID: C39690EC13700D670ECF0FC93410D8D8
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID68531A78-C812-44CF-A2C6-1C611A476111
Frame ID: 5381A228372569B9D88FC40724436FB2
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9e327913d98873c4%26uid%3D
Frame ID: 7CE7AFBAF31682364AA894D119263043
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 68DA45A199E75F55AF6237FC966D8E63
Requests: 12 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&dsp=629319&t=iframe&uid=ABW-WjS5792nvVMg&us_privacy=1---
Frame ID: D94F83D53D04FB63F57CC362F7DF99E7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D6A7C9A182E6037088CD797D375767F2
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: AE2F673AFB83C13E51410B4AE5E2BE2D
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: ADBED63FC9EDFE1C7E5272D535C457A9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: C080D08D0F276736808670B9FB13B94A
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: F99078AD1DAC3C624D6D87B87DE45476
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 65F9222858DFAEBC1B5B73FAEC831690
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 646286E113185361ACF156A97D4EDD8A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-DHGulrLAIK8IuaC_yLaZA
Frame ID: C88ABE0B8181B6FEFD489AE04D4F4C86
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 14BC85AE69619CC616A523EDFEFA67EC
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 6F5FE5CD8B72829B36AD8074149A00C6
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 87DB08C6D5DC24F3A0FC978BE97F37B4
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 50A8F47931004BE23F03E1D642583FA1
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 96F7C6322B1055F5870B1DAA5F8836D7
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: AEEF2ED37A539BD1B254CAE294F175A9
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=68531A78-C812-44CF-A2C6-1C611A476111
Frame ID: 0D2D8BC37BA0B03D286C20004BE413BD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 69B474F8C9A823513624E1443BBA74FA
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 258103D7991B21390223EE5DBE7D8930
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 72EB708362AD70A12E774EF38E38C0D0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: EB05E9D7DF51A9908A75F27A146CB41E
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 5DD594FC49D83DB8404B81FA836F4999
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 54218401D131B8B1BB0AE9DD9C2B9B63
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 779948B200552CC4FD7652C36B93D61A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=CCqSsgrGBoOSKSzh_yLaZA
Frame ID: 9EDDBF5EDD7A2DC8CA5E14C9C41132A6
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2EE314A12EC950D714249E468B0A6251
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 873EBD321741CFB704BA52B92AB6295B
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=68531A78-C812-44CF-A2C6-1C611A476111
Frame ID: 01971F531DB9EFE91F1AFCE999A56B29
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: BB42885B193D0F00BC849D9CB9ACB6C2
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 63CCC3208E3F292F024E28362B0F9B05
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 8C89B3990668CE1A8AEF35F8ECA8742E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 59DEFA356F77C33FD1918D65A6C03A15
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: A3F4A97D1A4774B7001DAE7DD8C7B4C6
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: A4861E11DB71141FAD0975CB99C38EC6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=68531A78-C812-44CF-A2C6-1C611A476111
Frame ID: D9C247EA79B497C19910643C617F3D2F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: DD4B5A987904ECFE9BADC2B984B6E8D7
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: ACAFD4062381D8BBD5EFBEEE2EE0BD0E
Requests: 1 HTTP requests in this frame

Frame: https://p.jcontentcdn.com/prebidlink/19583/j.html?i=11595
Frame ID: 5904231D1991EA374E9716068B80F9AC
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 8101AF656E49DE074201DC0C111A932B
Requests: 12 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
Frame ID: E2FD5107E8A949843DBE093FE4F8C9C5
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: FF52BD94F0185624F93A152430A0D5EA
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 854062D6F8A04592D5E1D76F33DA2C5E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 3A8CBDE5B130DB225931FCD77E46F577
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84NjY3NWEyZS0xZmEzLTRkNGEtOGRmMy03Nzc0ZjJmYzA2OTc=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 735AD3102126BEE4A2DD698E3BAB937C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: D9195EFF88D49EA26F05536CDEBC48BF
Requests: 1 HTTP requests in this frame

Frame: https://p.astarcdn.com/prebidlink/19583/j.html?i=12909
Frame ID: 16A86063C7E1C09CBA95FF560CB8FA7A
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
Frame ID: 78EAE96EFAC6F43E5D8234F3795BC3D6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=68531A78-C812-44CF-A2C6-1C611A476111
Frame ID: C9E1703477F0068707858242FF264B0D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D1%26key%3D
Frame ID: E0CC13B1461B73E1F6CD07937DDF17A9
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=a8558a898a7f1d459a56776b82e5d936&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: E65A40D9C6A02071FDD1FE9EB52E643D
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: 3ED1CBBAFAF80AB0497077B91596AC26
Requests: 1 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadconductor%26bsw_param%3D2ec00d2e-f53c-465e-92d3-2beaa816ca85%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7
Frame ID: 4EF0892116B7EE68E449E9188357EA53
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: DDDEFBDD789B1BCA586A3C825C815501
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A&gdpr=0
Frame ID: 11E1CFCCE00FFAAD26AD44CA8A6860AD
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=23&key=f0c9e2f4-a0c8-4698-b246-2a0c386809b7
Frame ID: 05C0AAC97D7407A4EC67DC7A6AE15A76
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=10&pid=59c9148628a0612da3689288&key=5TsF0pv5gg6c&ev=1&us_privacy=1---&pid=562704
Frame ID: C444634B13A0FCEF9CB6A10B9FF6A8EB
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D
Frame ID: 45C5E38CCB700F06C70E043BF369CE1D
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D
Frame ID: 5F39F42F7CC8F1DE2C613AEF098CC6BA
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=56&pid=59c9148628a0612da3689288&key=d3b0ff90-af00-45c0-8b53-51476465188b&gdpr_consent=null&gdpr=0
Frame ID: 1FC8577A6E4A756E246CD1513521E3AC
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=22&key=9ee49186-746a-4a99-b9ae-326ad01ba3bd
Frame ID: 11907C6431DE83F2B73D8EE7E53D7FC5
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=18&key=HJkhbLZHRtsgZLtNTqiinddP
Frame ID: F9F0E076EB874ABBF3E607D30EA9221D
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=3&key=2129E09A41B14F3196FBE4892007BDC9
Frame ID: 2112150DD633FF215947707014AE8A35
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=52&key=ua-232b251a-73f7-38d2-b385-866b557f8a46
Frame ID: 07A25C63A61C0F6D856A57DA817C475A
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/fa9f4b3548d146d8b0584acce84c4fec.gif?gdpr=0&gdpr_consent=&us_privacy=1---&coppa=0&puid=1692017406828-939026011029-001222-002-004076&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D57%26pid%3D59c9148628a0612da3689288%26key%3D%7B%24UID%7D
Frame ID: F171DCB6D4A422CA183F664B3E8A4DCF
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=25&external_user_id=68531A78-C812-44CF-A2C6-1C611A476111
Frame ID: C10F3F08FB04AE59CD8B18187B76371F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

1320
Requests

69 %
HTTPS

23 %
IPv6

213
Domains

378
Subdomains

236
IPs

12
Countries

13218 kB
Transfer

34551 kB
Size

406
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0 HTTP 301
  • https://btloader.com/tag?h=nypost-com&upapi=true
Request Chain 139
  • https://sb.scorecardresearch.com/c2/plugins/streamingtag_plugin_jwplayer.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/streamingtag_plugin_jwplayer.js
Request Chain 194
  • https://sb.scorecardresearch.com/cs/6390601/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 216
  • https://tags.nypost.com/cs/sync/i HTTP 302
  • https://us.tags.newscgp.com/cs/sync/i?expiry_ts=1755089394312&origin=tags.nypost.com HTTP 302
  • https://us.tags.newscgp.com/cs/bounce/i?expiry_ts=1755089394312&origin=tags.nypost.com&fallback_id=b97c6e3e-5d02-4414-bea5-f504d547eb22.3.1692017394.1755089394312 HTTP 302
  • https://tags.nypost.com/cs/bounce/i?expiry_ts=1755089394312&nuid=b97c6e3e-5d02-4414-bea5-f504d547eb22.3.1692017394.1755089394312
Request Chain 246
  • https://sb.scorecardresearch.com/b?c1=2&c2=6390601&cs_it=b8&cv=3.6&ns__t=1692017394739&ns_c=UTF-8&cj=1&c7=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&c8=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6390601&cs_it=b8&cv=3.6&ns__t=1692017394739&ns_c=UTF-8&cj=1&c7=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&c8=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&c9=
Request Chain 254
  • https://rp.liadm.com/j?dtstmp=1692017394940&aid=a-01qt&se=e30&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&tna=v2.7.10&pu=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&ext__pubcid=e27f856b-b396-4c82-98f1-d0573477e720&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPlNlY3JldCBTZXJ2aWNlIHRyYWNraW5nIE9ubHlmYW5zLCBUd2l0Y2gsIFBpbnRlcmVzdCB3ZWJzaXRlczwvdGl0bGU-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LmZveGJ1c2luZXNzLmNvbS9wb2xpdGljcy9zZWNyZXQtc2VydmljZS10cmFja2luZy1vbmx5ZmFucy1waW50ZXJlc3QtdHdpdGNoLXdlYnNpdGVzLWRvY3VtZW50cy1yZXZlYWwiPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEb2N1bWVudHMgc2hvdyB0aGUgVVMgU2VjcmV0IFNlcnZpY2UgaGFzIGJlZW4gdHJhY2tpbmcgd2Vic2l0ZXMgbGlrZSBPbmx5RmFucywgUGludGVyZXN0IGFuZCBUd2l0Y2ggYWxvbmcgd2l0aCBzb2NpYWwgbWVkaWEgcGxhdGZvcm1zIEZhY2Vib29rIGFuZCBUd2l0dGVyLiI-PGgxIGNsYXNzPSJoZWFkbGluZSBoZWFkbGluZS0tc2luZ2xlIj4KCQlTZWNyZXQgU2VydmljZSB0cmFja2luZyBPbmx5RmFucywgUGludGVyZXN0LCBUd2l0Y2ggd2Vic2l0ZXMsIGRvY3VtZW50cyByZXZlYWwJPC9oMT48dGl0bGU-QmFjayBCdXR0b248L3RpdGxlPjx0aXRsZT5TZWFyY2ggSWNvbjwvdGl0bGU-PHRpdGxlPkZpbHRlciBJY29uPC90aXRsZT4 HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1692017394940&aid=a-01qt&se=e30&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&tna=v2.7.10&pu=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&ext__pubcid=e27f856b-b396-4c82-98f1-d0573477e720&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPlNlY3JldCBTZXJ2aWNlIHRyYWNraW5nIE9ubHlmYW5zLCBUd2l0Y2gsIFBpbnRlcmVzdCB3ZWJzaXRlczwvdGl0bGU-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LmZveGJ1c2luZXNzLmNvbS9wb2xpdGljcy9zZWNyZXQtc2VydmljZS10cmFja2luZy1vbmx5ZmFucy1waW50ZXJlc3QtdHdpdGNoLXdlYnNpdGVzLWRvY3VtZW50cy1yZXZlYWwiPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEb2N1bWVudHMgc2hvdyB0aGUgVVMgU2VjcmV0IFNlcnZpY2UgaGFzIGJlZW4gdHJhY2tpbmcgd2Vic2l0ZXMgbGlrZSBPbmx5RmFucywgUGludGVyZXN0IGFuZCBUd2l0Y2ggYWxvbmcgd2l0aCBzb2NpYWwgbWVkaWEgcGxhdGZvcm1zIEZhY2Vib29rIGFuZCBUd2l0dGVyLiI-PGgxIGNsYXNzPSJoZWFkbGluZSBoZWFkbGluZS0tc2luZ2xlIj4KCQlTZWNyZXQgU2VydmljZSB0cmFja2luZyBPbmx5RmFucywgUGludGVyZXN0LCBUd2l0Y2ggd2Vic2l0ZXMsIGRvY3VtZW50cyByZXZlYWwJPC9oMT48dGl0bGU-QmFjayBCdXR0b248L3RpdGxlPjx0aXRsZT5TZWFyY2ggSWNvbjwvdGl0bGU-PHRpdGxlPkZpbHRlciBJY29uPC90aXRsZT4&i6=MjAwMTo1NTA6MWQwNToxOjo5&n3pc=true
Request Chain 261
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Request Chain 292
  • https://cdn.jwplayer.com/strips/ScrNykYo-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/ScrNykYo-120.vtt
Request Chain 343
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3350189961523764000V10
Request Chain 345
  • https://cdn.jwplayer.com/strips/ScrNykYo-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/ScrNykYo-120.jpg
Request Chain 346
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&rid=esp&cc=1
Request Chain 357
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=98e88688-0673-4918-b58d-6b26411ac6e7&us_privacy=1--- HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a92192c3-6390-4b70-861a-56d497938f37%3A1692017396.5221553&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Da92192c3-6390-4b70-861a-56d497938f37%253A1692017396.5221553%26pid%3D500040%26it%3D1%26iv%3Da92192c3-6390-4b70-861a-56d497938f37%253A1692017396.5221553%26_%3D1692017396.527568&cb=1692017396.5276194 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969188718189332721&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Da92192c3-6390-4b70-861a-56d497938f37%253A1692017396.5221553%26pid%3D500040%26it%3D1%26iv%3Da92192c3-6390-4b70-861a-56d497938f37%253A1692017396.5221553%26_%3D1692017396.527568 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=a92192c3-6390-4b70-861a-56d497938f37%3A1692017396.5221553&pid=500040&it=1&iv=a92192c3-6390-4b70-861a-56d497938f37%3A1692017396.5221553&_=1692017396.527568 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1692017396.527568&iv=a92192c3-6390-4b70-861a-56d497938f37:1692017396.5221553
Request Chain 358
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4086215225291572915&us_privacy=1--- HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RbNkiiZmUz-AGAn3HgYorfG9jDsaXKjrA4S4Hw&us_privacy=1--- HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RbNkiiZmUz-AGAn3HgYorfG9jDsaXKjrA4S4Hw&us_privacy=1---&us_privacy=1---
Request Chain 359
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=885e676c-3a70-45fe-acfc-e7ad294a43e8 HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=885e676c-3a70-45fe-acfc-e7ad294a43e8
Request Chain 362
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DF4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5JJFC2QTDOIZFUZ2QKNNG65TKGBDFUOKQEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK3TUEZ2XGX3QOJUXMYLDPE6TCLJNFU&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=F4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5JJFC2QTDOIZFUZ2QKNNG65TKGBDFUOKQEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK3TUEZ2XGX3QOJUXMYLDPE6TCLJNFU HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=JJ-Bcr2ZgPSZovj0FZ9P&us_privacy=1---
Request Chain 363
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=98e88688-0673-4918-b58d-6b26411ac6e7&us_privacy=1--- HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=98e88688-0673-4918-b58d-6b26411ac6e7&us_privacy=1---&rd=Y
Request Chain 371
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=&gdpr_consent=&account=11076&us_privacy=1---&gpp_sid=&gpp= HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=11076&uid=LLAVGYIH-G-GET7&us_privacy=1---
Request Chain 372
  • https://idsync.rlcdn.com/420046.gif?partner_uid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEtRQjh1UUZRRHlUT1pqb1ozMktaWGFpaGJiYmdQTlM1UkVCNVhXNVR1UHJmc2lWX3p1VmlKNS1FNnRCZG96alIQABoNCPTF6KYGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=5a7b2f2fa797d115ed9eab627b6556bf468f9ee5ecbec57a0c7162de5c07df17791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5a7b2f2fa797d115ed9eab627b6556bf468f9ee5ecbec57a0c7162de5c07df17791426b5417dce21&rand=05740494 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5a7b2f2fa797d115ed9eab627b6556bf468f9ee5ecbec57a0c7162de5c07df17791426b5417dce21&rand=05740494&expected_cookie=77df87ea-9b77-4e9f-a267-e06d623381da
Request Chain 373
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&initiator=ob&puid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&s=2&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=JJ-Bcr2ZgPSZovj0FZ9P&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&initiator=ob&gdpr=0&us_privacy=1---
Request Chain 374
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=6125384915149995829&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 375
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_pd=1&gdpr_consent=
Request Chain 377
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
Request Chain 380
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=8759a31e-b0b9-4b35-8fbe-32318a0f4a18&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 381
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=outbrain&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=969188718189332721&expires=30&ssp=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 382
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26uid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=criteo&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&uid=43438add-310c-42c6-a606-253d769a587a
Request Chain 383
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPH7324noyrPd5d-36-RAsQ&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Request Chain 384
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7267159384384272534&gdpr=0&gdpr_consent=
Request Chain 385
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
Request Chain 387
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=nbVMDximHKFhSA45Jmrh&pi=outbrain&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
Request Chain 388
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LLAVGYIH-G-GET7&obUid=&initiator=&gdpr=0&us_privacy=1---
Request Chain 390
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR HTTP 302
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&xl8blockcheck=1 HTTP 302
  • https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&test={%22attributes%22:%20{},%20%22agreedId%22:%20%22%22}
Request Chain 391
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 392
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%2526gdpr%253D0%2526initiator%253Dob%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%2526gdpr%253D0%2526initiator%253Dob%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/68531A78-C812-44CF-A2C6-1C611A476111?gdpr=-1&gdpr_consent=PM_CONSENT
Request Chain 393
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&uid=1c5a5359-d717-4f78-844a-cdbc0485e7ae
Request Chain 394
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A&gdpr=0
Request Chain 395
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=9ee49186-746a-4a99-b9ae-326ad01ba3bd&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 396
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=o&cookieCheck=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=1d2e13731d&gdpr=0&gdpr_consent=
Request Chain 397
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=8978801468337922557&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 399
  • https://id.rlcdn.com/711945.gif?ct=4&cv= HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
Request Chain 400
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 401
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&uid=EknLGRZPyU4JTJ1IHRuCSR0bnUsJTZtJRUSZtJSn
Request Chain 402
  • https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%25%25VGUID%25%25%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=5TsF0pv5gg6c&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&ev=1&us_privacy=${us_privacy}&pid=562709
Request Chain 403
  • https://id5-sync.com/s/164/9.gif?puid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://id5-sync.com/c/164/164/9/1.gif?puid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F441%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/164/441/8/2.gif?puid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttl=%%TTL%% HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F203%2F6%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/164/203/6/4.gif?puid=43438add-310c-42c6-a606-253d769a587a&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F429%2F5%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/164/429/5/5.gif?puid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/164/108/4/6.gif?puid=729e4ab9-4626-4c72-9437-f28f3a88b1bb&gdpr=0&gdpr_consent=
Request Chain 404
  • https://cm.rtbsystem.com/usermatch/ob?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drtbsystem%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%7Buserid%7D%26initiator%3Dob%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=0&gdpr_consent=&us_privacy=1---&uid=21076d1d-881b-545d-814c-ba9e644f7f34&initiator=ob&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
Request Chain 408
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 418
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6125384915149995829
Request Chain 420
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&obuid=ENC(KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
Request Chain 421
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=5b76de2e-80ec-4ad2-805e-8ffc746e21c3
Request Chain 422
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69
Request Chain 423
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-g0h5iOhE2pdGVwTOIN5GymOFzUzRgGbF9SSs~A
Request Chain 424
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4
Request Chain 425
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=2129E09A41B14F3196FBE4892007BDC9
Request Chain 427
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVFEULKCMNZDEWTHKBJVU33WNIYEMWRZKA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVFEULKCMNZDEWTHKBJVU33WNIYEMWRZKA HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=JJ-Bcr2ZgPSZovj0FZ9P
Request Chain 428
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=9ee49186-746a-4a99-b9ae-326ad01ba3bd
Request Chain 429
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=5TsF0pv5gg6c&ev=1&pid=558355
Request Chain 430
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3638863415130825203
Request Chain 432
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 433
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1SX2JHaWZWRTJ1SkJjUkZLRkhQX2RDbnBxTkM5VWJYS35B
Request Chain 435
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6125384915149995829&ex=appnexus.com
Request Chain 444
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=nypost.com&sn=ChromeSyncframe&so=0&topUrl=nypost.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ItI8GnxEZGpQSnFMK3B6OStqb2JUU2NodlJvcGNqMVhERFZ3cVgrbEk0c3ArYS9FajZUMEcrMmFESTVpSVBmNndkTFBicFg4cWxSYy9Nc2RCaWlJMnMzcTNsd0JkR2Flcm9lZnF4NlB2TTZGNW0xaW1xWlRoYUtxY3BMbWllRFdMbjFueGtKejZWNnQ5Q0ZXdmpFYldnSWZMMGJ1SlpJK2JHcnNicGVYZUlqOFlQQkVwVElCUFllK1RiS25USERtdXovWURXbnFVbTA2N3hXWlFWT01YR24rMW9aNkVSV0hMSTVJbWhUbkU0QkZDMW8wd1FNQzE4RVBlc2hRcklJMjhxNlhKMlBXSXNNd1dsVmxOVXoyWWxBa0hXdz09fA&cppv=2
Request Chain 445
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZNoi9QAIevMY0AAN HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZNoi9QAIevMY0AAN&gdpr=&gdpr_consent=&_test=ZNoi9QAIevMY0AAN
Request Chain 448
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=885e676c-3a70-45fe-acfc-e7ad294a43e8
Request Chain 449
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
Request Chain 451
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=689661242672352996219
Request Chain 453
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID
Request Chain 454
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
Request Chain 455
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6125384915149995829
Request Chain 456
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
Request Chain 459
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=nbVMDximHKFhSA45Jmrh&pi=gumgum&tc=1
Request Chain 460
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 469
  • https://match.adsrvr.org/track/cmf/openx?oxid=ac4b7a5e-a8f9-7284-e725-9f11bc3e2085&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttd_puid=ac4b7a5e-a8f9-7284-e725-9f11bc3e2085&gdpr=0&gdpr_consent=
Request Chain 471
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJPUXmYjtUuOnEaEzHaoiis&google_cver=1
Request Chain 472
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZNoi9Ggn7zBNSI16aEKdmQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN9If2Mz8By4UQ2Yjy2CZQY&google_cver=1
Request Chain 474
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&expiration=1694609397&gdpr=0&gdpr_consent=
Request Chain 475
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPZqk2iPNgWd3K8DEkaAXDU&google_cver=1
Request Chain 476
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZNoi9Ggn7zBNSI16aEKdmQAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZNoi9Ggn7zBNSI16aEKdmQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662107587176078
Request Chain 478
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1707914997&external_user_id=7f3a6ff6-5c0d-4ed7-9bd4-46c2c860ad36
Request Chain 483
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Request Chain 485
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=X083Vk1Zd19pdm1kT3lHZjNWMFdpZw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESENgf9zI1fhutulcPNK82ZsE&google_cver=1
Request Chain 486
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=1472597dc333103b&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAMuSdE6J2eqwM2r_QWAAAAAAA&expiration=1692103797&nuid=&is_secure=true
Request Chain 488
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D&cb=1692017397470&us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3DRX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005 HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Request Chain 492
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=f98d0538-65be-44e4-b85c-1fe285a5415d HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f98d0538-65be-44e4-b85c-1fe285a5415d
Request Chain 493
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6125384915149995829
Request Chain 494
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4086215225291572915&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 495
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZNoi9QAIevMY0AAN
Request Chain 524
  • https://cdn.jwplayer.com/v2/media/tQdfH2Bm/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/BTj1ruSS-120.jpg
Request Chain 530
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=7015751175867750616&gdpr=0&gdpr_consent=
Request Chain 531
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7267159384384272534&gdpr=0&gdpr_consent=
Request Chain 532
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-632bhOSjupo1vdRoNINUp-sxGbreZvcK_wvnbh0_cg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/8/2.gif?puid=8978801468337922557&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AACrE07JtEYAACl9xk287Q&id5AccountNum=155&numCascadesAllowed=9
Request Chain 533
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
Request Chain 550
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LLAVGYIH-G-GET7 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LLAVGYIH-G-GET7&ex=d-rubiconproject.com&status=ok
Request Chain 553
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aFMaeMgSRM-ixhxhGkdhEQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 554
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=68531A78-C812-44CF-A2C6-1C611A476111 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=68531A78-C812-44CF-A2C6-1C611A476111 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=729e4ab9-4626-4c72-9437-f28f3a88b1bb%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttd_puid=729e4ab9-4626-4c72-9437-f28f3a88b1bb%2C%2C
Request Chain 557
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njg1MzFBNzgtQzgxMi00NENGLUEyQzYtMUM2MTFBNDc2MTEx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26gdpr%3D0%26initiator%3Dob%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D68531A78-C812-44CF-A2C6-1C611A476111&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=68531A78-C812-44CF-A2C6-1C611A476111
Request Chain 558
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPTX_oTCFaZXlMlwPLXMozU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26gdpr%3D0%26initiator%3Dob%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D68531A78-C812-44CF-A2C6-1C611A476111&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=68531A78-C812-44CF-A2C6-1C611A476111
Request Chain 559
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4F94844F4CC4401AB7330777BA793A74 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26gdpr%3D0%26initiator%3Dob%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D68531A78-C812-44CF-A2C6-1C611A476111&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=68531A78-C812-44CF-A2C6-1C611A476111
Request Chain 560
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=68531A78-C812-44CF-A2C6-1C611A476111&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MIdz6AlE2uW5wJEvipv9u_hOZ5ymadk-~A&gdpr=0
Request Chain 561
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4086215225291572915&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=68531A78-C812-44CF-A2C6-1C611A476111&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MIdz6AlE2uW5wJEvipv9u_hOZ5ymadk-~A&gdpr=0
Request Chain 574
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/92145?id=2ec00d2e-f53c-465e-92d3-2beaa816ca85&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D452%26ssp%3Dthemediagrid%26user_id%3D&limit=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
Request Chain 575
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=885e676c-3a70-45fe-acfc-e7ad294a43e8 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=PvBJHFtJ&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=885e676c-3a70-45fe-acfc-e7ad294a43e8 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=885e676c-3a70-45fe-acfc-e7ad294a43e8
Request Chain 577
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExBVkdZSUgtRy1HRVQ3 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFITNWv_XUvtPo7u4myPv7I&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExBVkdZSUgtRy1HRVQ3&google_push=
Request Chain 578
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjMzMWRjYjAxMjIxZjFhNmEzMzA0YzdkMzdmZDdlMDczOTZmNzMzMA
Request Chain 579
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLAVGYIH-G-GET7
Request Chain 580
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=&expires=30
Request Chain 581
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA1oAg1BQgKO2ccCOqdhq1s&google_cver=1
Request Chain 582
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/qBhDGrNtQliihnirOgLdmQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-gOQ83sxE2oI_nbgbh.qTwLCMt1qU.DvvlgFJzA--~A
Request Chain 583
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HFIx2xs4SV-XS4J2pB0zhg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HFIx2xs4SV-XS4J2pB0zhg
Request Chain 584
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LLAVGYIH-G-GET7 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LLAVGYIH-G-GET7
Request Chain 585
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=ogury&gdpr_consent=undefined&gdpr_consent=undefined&khaos=LLAVGYIH-G-GET7 HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?magnite_id=LLAVGYIH-G-GET7&gdpr_consent=undefined
Request Chain 591
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=885e676c-3a70-45fe-acfc-e7ad294a43e8&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 592
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njg5NjYxMjQyNjcyMzUyOTk2MjE5 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 593
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2b-56AHTyF6sIVidQEQ-c&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 594
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njg5NjYxMjQyNjcyMzUyOTk2MjE5
Request Chain 596
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=689661242672352996219&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=15e7f8ff-07e6-4309-9696-695e3fbea310&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 597
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/689661242672352996219?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-LteRAftE2oSRPlg7yzGwIcnkaHtyCNK2hGEe.AZczQ--~A&dongle=0883
Request Chain 599
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=43438add-310c-42c6-a606-253d769a587a&dongle=013b
Request Chain 600
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6125384915149995829&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 602
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=885e676c-3a70-45fe-acfc-e7ad294a43e8&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 603
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njg5NjYxMjQyNjcyMzUyOTk2MjE5 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 604
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2b-56AHTyF6sIVidQEQ-c&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 605
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njg5NjYxMjQyNjcyMzUyOTk2MjE5
Request Chain 607
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=689661242672352996219&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=2ec00d2e-f53c-465e-92d3-2beaa816ca85 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=29c4531c-4349-4322-918b-c6939fbaab19&expires=10&ssp=triplelift&bsw_param=2ec00d2e-f53c-465e-92d3-2beaa816ca85 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 608
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/689661242672352996219?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-LteRAftE2oSRPlg7yzGwIcnkaHtyCNK2hGEe.AZczQ--~A&dongle=0883
Request Chain 610
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=43438add-310c-42c6-a606-253d769a587a&dongle=013b
Request Chain 611
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6125384915149995829&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 623
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=6125384915149995829
Request Chain 625
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-uHIRbmdE2uF6igFf13hTFan0Fo_yG9kD~A
Request Chain 632
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Request Chain 648
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 653
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6125384915149995829
Request Chain 654
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HJkhbLZHRtsgZLtNTqiinddP
Request Chain 655
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=HJkhbLZHRtsgZLtNTqiinddP
Request Chain 656
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7290121229 HTTP 302
  • https://sync.1rx.io/usersync/turn/4086215225291572915?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Request Chain 657
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=969188718189332721
Request Chain 658
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
Request Chain 659
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1---&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4613%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D1---%26A%3D50478a03-0398-43f7-86fc-e8df8347d808%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/4613?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=1---&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=6125384915149995829 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4613%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D1---%26A%3D50478a03-0398-43f7-86fc-e8df8347d808%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/1/4613?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=1---&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=ZNoi9Ggn7zBNSI16aEKdmQAA%263515 HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F4613%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D1---%26A%3D50478a03-0398-43f7-86fc-e8df8347d808%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/4/4613?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=1---&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=adform&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=7015751175867750616 HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=50478a03-0398-43f7-86fc-e8df8347d808&us_privacy=1---&gdpr=0
Request Chain 660
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A
Request Chain 661
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-232b251a-73f7-38d2-b385-866b557f8a46
Request Chain 662
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A
Request Chain 663
  • https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1---& HTTP 302
  • https://ads.servenobid.com/sync?pid=351&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
Request Chain 664
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=3350189961523764000V10
Request Chain 665
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1---&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=328&uid=ca97df06-6c9e-4029-8a33-8a416c993787
Request Chain 666
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=0b404d44-1ef0-08ca-124f-fb3dc2e750df&us_privacy=pbs-ozone
Request Chain 670
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3350189961523764000V10%26type%3Drkt%26refUrl%3D%26vid%3D20173994373350189961523764000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3350189961523764000V10&type=rkt&refUrl=&vid=20173994373350189961523764000V10&ovsid=969188718189332721
Request Chain 671
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3350189961523764000V10%26type%3Dcon%26refUrl%3D%26vid%3D20173994373350189961523764000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=a74e574c38321b6&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3350189961523764000V10%26type%3Dcon%26refUrl%3D%26vid%3D20173994373350189961523764000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3350189961523764000V10&type=con&refUrl=&vid=20173994373350189961523764000V10&ovsid=AAAMuSdE6J2fHANCmUS6AAAAAAA&expiration=1692103799&is_secure=true
Request Chain 672
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3350189961523764000V10%26type%3Dr1%26refUrl%3D%26vid%3D20173994373350189961523764000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2478565048 HTTP 302
  • https://sync.1rx.io/usersync/turn/4086215225291572915?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Request Chain 673
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzM1MDE4OTk2MTUyMzc2NDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEAd430h0QrBN59qV5xXs-WM&google_cver=1
Request Chain 674
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3350189961523764000V10%26type%3Ddxu%26refUrl%3D%26vid%3D20173994373350189961523764000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3350189961523764000V10%26type%3Ddxu%26refUrl%3D%26vid%3D20173994373350189961523764000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3350189961523764000V10&type=dxu&refUrl=&vid=20173994373350189961523764000V10&ovsid=b7GxuppY1Qvx1d5
Request Chain 675
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=43438add-310c-42c6-a606-253d769a587a
Request Chain 676
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=df42ed37-b5c3-41cf-a6a0-9e25fb4c785b&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 677
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3350189961523764000V10%26type%3Dzem%26refUrl%3D%26vid%3D20173994373350189961523764000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKKJIWUEY3SGJNGOUCTLJXXM2RQIZNDSUDIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDAMJXGM4TSNBTG4ZTGNJQGE4DSOJWGE2TEMZXGY2DAMBQKYYTAJTWONUWIPJTGM2TAMJYHE4TMMJVGIZTONRUGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKKJIWUEY3SGJNGOUCTLJXXM2RQIZNDSUDIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDAMJXGM4TSNBTG4ZTGNJQGE4DSOJWGE2TEMZXGY2DAMBQKYYTAJTWONUWIPJTGM2TAMJYHE4TMMJVGIZTONRUGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=JJ-Bcr2ZgPSZovj0FZ9Phttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=20173994373350189961523764000V10&vsid=3350189961523764000V10
Request Chain 679
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3350189961523764000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=8759a31e-b0b9-4b35-8fbe-32318a0f4a18&cs=1
Request Chain 681
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=885e676c-3a70-45fe-acfc-e7ad294a43e8
Request Chain 682
  • https://creativecdn.com/cm-notify?pi=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=nbVMDximHKFhSA45Jmrh&pi=medianet
Request Chain 694
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5JJFC2QTDOIZFUZ2QKNNG65TKGBDFUOKQ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5JJFC2QTDOIZFUZ2QKNNG65TKGBDFUOKQ HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=JJ-Bcr2ZgPSZovj0FZ9P
Request Chain 695
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7267159384384272534&gdpr=0&gdpr_consent=
Request Chain 696
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8220879763 HTTP 302
  • https://sync.1rx.io/usersync/turn/4086215225291572915?dspret=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Request Chain 697
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=43438add-310c-42c6-a606-253d769a587a&gdpr=0&gdpr_consent=
Request Chain 734
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/313598/connatix.player.js
Request Chain 738
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6125384915149995829
Request Chain 739
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZNoi9QAIevMY0AAN
Request Chain 740
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4086215225291572915
Request Chain 741
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=ec9f51ba-a92d-4bc3-b528-5d83f3416cac
Request Chain 742
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SSKFVBGG4RSLJTVAU22N53GUMCGLI4VA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SSKFVBGG4RSLJTVAU22N53GUMCGLI4VA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=JJ-Bcr2ZgPSZovj0FZ9P
Request Chain 744
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZNoi9Ggn7zBNSI16aEKdmQAA%263515&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=b4710917-0b04-4ba8-9535-9bcee0258555-tuctbd3a878
Request Chain 746
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=df42ed37-b5c3-41cf-a6a0-9e25fb4c785b&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&us_privacy=
Request Chain 747
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&obuid=ENC(KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0 HTTP 302
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26gdpr%3D0%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=9ee49186-746a-4a99-b9ae-326ad01ba3bd&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Request Chain 748
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_46728c7c51484919aba18
Request Chain 749
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8978801468337922557
Request Chain 751
  • https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6798550393 HTTP 302
  • https://sync.1rx.io/usersync/turn/4086215225291572915?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Request Chain 752
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Request Chain 753
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11575%26uid%3D%5BUSER_ID%5D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=2129E09A41B14F3196FBE4892007BDC9
Request Chain 754
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2f790f6bcd1823d0&is_secure=true&networkId=17100&version=1&nuid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMgybzHMEkcQMa0loRAAAAAAA&expiration=1692103801&nuid=68531A78-C812-44CF-A2C6-1C611A476111&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 755
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=5TsF0pv5gg6c&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 756
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=8978801468337922557&gdpr=0&gdpr_consent=
Request Chain 757
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
Request Chain 758
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=6125384915149995829&gdpr=0&gdpr_consent=
Request Chain 759
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=02b7552c669c0daad14cb542a333f7&gdpr_consent=&gdpr=0
Request Chain 760
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3miJdzzTTJz59jIHRbNE&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 761
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
Request Chain 762
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=444b66c8-7f16-4fc1-ac62-c3839d97f4c6
Request Chain 763
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1660207985 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/885e676c-3a70-45fe-acfc-e7ad294a43e8 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Request Chain 764
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194590&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
Request Chain 766
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=d3b0ff90-af00-45c0-8b53-51476465188b&gdpr_consent=null&gdpr=0
Request Chain 767
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212236466587534
Request Chain 769
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D578434%26t%3Dimage%26uid%3D%24UID%26us_privacy%3D1--- HTTP 302
  • https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=6125384915149995829&us_privacy=1---
Request Chain 770
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5785388252 HTTP 302
  • https://sync.1rx.io/usersync/turn/4086215225291572915?dspret=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Request Chain 771
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=3miJdzzTTJz59jIHRbNE&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 772
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2ec00d2e-f53c-465e-92d3-2beaa816ca85&ssp=minutemedia&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596758823292913325&ssp=minutemedia&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Request Chain 773
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=9ee49186-746a-4a99-b9ae-326ad01ba3bd
Request Chain 774
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5630058156e82338&is_secure=true&networkId=17100&version=1&nuid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMgybzHMEkeANPQjKEAAAAAAA&expiration=1692103801&nuid=68531A78-C812-44CF-A2C6-1C611A476111&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 775
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4890%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50478a03-0398-43f7-86fc-e8df8347d808%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/1/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=sovrn&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=HJkhbLZHRtsgZLtNTqiinddP HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F4890%253Fgdpr%253D0%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526us_privacy%253D%2526A%253D50478a03-0398-43f7-86fc-e8df8347d808%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%2526uid%253D%2523PMUID HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7015751175867750616 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 776
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=8759a31e-b0b9-4b35-8fbe-32318a0f4a18
Request Chain 777
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-232b251a-73f7-38d2-b385-866b557f8a46
Request Chain 778
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1&rts=-2274863974816928324 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=04899144-0d37-53e2-8a09-f160eed3d398
Request Chain 780
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
Request Chain 781
  • https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21501&puid=e619a086-6237-43e7-a4c9-07e5deaedcb9
Request Chain 782
  • https://csync.loopme.me/?pubid=11556&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21511&id=04ecafb6-a0cb-4e90-9aab-6c7641426e22&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Request Chain 783
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=689661242672352996219
Request Chain 784
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=8978801468337922557&gdpr=0&gdpr_consent=
Request Chain 785
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3DOM7WC2LEHUZDCNJRGUTGK6DDNBQW4Z3FHVWWS3TVORSW2ZLENFQSM5LJMQ6UUSRNIJRXEMS2M5IFGWTPOZVDARS2HFIA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3DOM7WC2LEHUZDCNJRGUTGK6DDNBQW4Z3FHVWWS3TVORSW2ZLENFQSM5LJMQ6UUSRNIJRXEMS2M5IFGWTPOZVDARS2HFIA HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=JJ-Bcr2ZgPSZovj0FZ9P
Request Chain 786
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21483%26id%3D%5BUSER_ID%5D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21483&id=2129E09A41B14F3196FBE4892007BDC9
Request Chain 787
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=6125384915149995829
Request Chain 788
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZNoi9Ggn7zBNSI16aEKdmQAA%263515
Request Chain 789
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=3512985a-d76b-4dd0-9fbd-86e6fc3daa60
Request Chain 790
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212236466587534
Request Chain 791
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=5TsF0pv5gg6c&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Request Chain 792
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=HJkhbLZHRtsgZLtNTqiinddP
Request Chain 793
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
Request Chain 794
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=319d01586de56a5b586bfe7d7e64dd29
Request Chain 813
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6125384915149995829&us_privacy=1---
Request Chain 814
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1--- HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABIlE7JtEYAACU0N_3KsQ&expiration=1693227000&us_privacy=1---
Request Chain 816
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=1---&gdpr=&gdpr_consent=&id=ZNoi9Ggn7zBNSI16aEKdmQAA%263515&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1fda57ea-2c09-4838-9cc1-26167d51b9d6-tuctbd3a878
Request Chain 818
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
Request Chain 819
  • https://ad.turn.com/r/cs?pid=21&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4086215225291572915
Request Chain 823
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6125384915149995829&us_privacy=1---
Request Chain 824
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1--- HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABFCk7JtEYAACVAbz7Dsg&expiration=1693227000&us_privacy=1---
Request Chain 826
  • https://x.bidswitch.net/sync?ssp=index&us_privacy=1--- HTTP 302
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=index&bsw_param=2ec00d2e-f53c-465e-92d3-2beaa816ca85 HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dindex%26bsw_param%3D2ec00d2e-f53c-465e-92d3-2beaa816ca85 HTTP 302
  • https://rtb2-useast.marketiq.com/sync?adkuid=A4227443290020297021&exchange=685&ssp=index&bsw_param=2ec00d2e-f53c-465e-92d3-2beaa816ca85 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A4227443290020297021&expires=5&ssp=index&bsw_param=2ec00d2e-f53c-465e-92d3-2beaa816ca85 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&us_privacy=
Request Chain 827
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=12ebf5e67218f0c3469d048f22b57088
Request Chain 828
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4F94844F4CC4401AB7330777BA793A74&us_privacy=1---
Request Chain 829
  • https://ad.turn.com/r/cs?pid=21&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4086215225291572915
Request Chain 831
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Request Chain 832
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1692017399356.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D25%26external_user_id%3D
Request Chain 833
  • https://ssc-cms.33across.com/ps/?_=1692017399356.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=212236466587534
Request Chain 834
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2ec00d2e-f53c-465e-92d3-2beaa816ca85&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596758823292913325&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=2ec00d2e-f53c-465e-92d3-2beaa816ca85 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85&ts=1692017402&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 835
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-CQQtBoBE2uEV41gJSg4n7Pr2YYMqeIDw~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-CQQtBoBE2uEV41gJSg4n7Pr2YYMqeIDw%7EA&ts=1692017400&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 836
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=7c5a931b7d09103b&is_secure=true&networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMgybzHMEkMwNzJgqMAAAAAAA&expiration=1692103800&is_secure=true&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMgybzHMEkMwNzJgqMAAAAAAA&ts=1692017400&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 837
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=689661242672352996219 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=689661242672352996219&ts=1692017400&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 839
  • https://pix.cdnwidget.com/redirect?CID=2TyZhHp4GYUuwOWfeL39OANSHAn&DID=2TyZhINDIDmhyTKWZ3SFLYGq6d5&v=&iv=&deviceid=3597984204655002310&visitid=1692017398043911&wsid=2045&apikey=2^HIykD HTTP 302
  • https://pippio.com/api/sync?pid=5749 HTTP 307
  • https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
Request Chain 842
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
Request Chain 845
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 846
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 848
  • https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1--- HTTP 302
  • https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Request Chain 851
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 873
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=8978801468337922557
Request Chain 877
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HJkhbLZHRtsgZLtNTqiinddP
Request Chain 878
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=04899144-0d37-53e2-8a09-f160eed3d398
Request Chain 879
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=a9dcab4e-14df-43e4-a5aa-817bd9887939&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001758%26gdpr%3D0%26gdpr_consent%3D%26dspCookie%3D HTTP 302
  • https://s.ad.smaato.net/c/?dspId=1001758&gdpr=0&gdpr_consent=&dspCookie=b5596773-acaf-4032-8f52-9596075f9aeb
Request Chain 880
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-232b251a-73f7-38d2-b385-866b557f8a46
Request Chain 881
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6125384915149995829
Request Chain 882
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481
Request Chain 883
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-632bhOSjupo1vdRoNINUp-sxGbreZvcK_wvnbh0_cg
Request Chain 886
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D9e327913d98873c4 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dd6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553%26partner_url%3Dhttps%253A%252F%252Fu-iad04.e-planning.net%252Fum%253Fuid%253Dd6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553%2526dc%253D0abbcb4eba840e59%2526fi%253D9e327913d98873c4 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&partner_url=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3Dd6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553%26dc%3D0abbcb4eba840e59%26fi%3D9e327913d98873c4 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&dc=0abbcb4eba840e59&fi=9e327913d98873c4
Request Chain 887
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3D9e327913d98873c4 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=5TsF0pv5gg6c&dc=66b7ef4184d94c10&fi=9e327913d98873c4&ev=1&us_privacy=${us_privacy}&pid=562965
Request Chain 888
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D9e327913d98873c4%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=9937b3fd6e9a979a&fi=9e327913d98873c4&uid=ca97df06-6c9e-4029-8a33-8a416c993787
Request Chain 890
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D9e327913d98873c4%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=9e327913d98873c4&uid=9595f591-1166-416d-8ca9-5f043d65e208
Request Chain 892
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D9e327913d98873c4%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=3ca7e329a6212338&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D9e327913d98873c4%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=9e327913d98873c4&uid=AAAMuSdE6J2fxgMJd9xkAAAAAAA&expiration=1692103803
Request Chain 893
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D9e327913d98873c4 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F&rd=1 HTTP 303
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/ HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/&cklb=1 HTTP 302
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=8978801468337922557
Request Chain 894
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D9e327913d98873c4%26uid%3D%24UID HTTP 302
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=9e327913d98873c4&uid=6125384915149995829
Request Chain 895
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D9e327913d98873c4%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=9e327913d98873c4&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
Request Chain 896
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D9e327913d98873c4%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=9e327913d98873c4&uid=ua-232b251a-73f7-38d2-b385-866b557f8a46
Request Chain 897
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&dc=769fefa8321c94fb&iss=1
Request Chain 898
  • https://cs.krushmedia.com/ec2cf90fdaaf74e7d94341d9392b3202.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Df343cd610dc2b771%26fi%3D9e327913d98873c4%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=f343cd610dc2b771&fi=9e327913d98873c4&uid=e619a086-6237-43e7-a4c9-07e5deaedcb9
Request Chain 899
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D9e327913d98873c4 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=9e327913d98873c4
Request Chain 910
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 911
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LLAVGYIH-G-GET7 HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LLAVGYIH-G-GET7
Request Chain 932
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 933
  • https://capi.connatix.com/core/sync?v=313598 HTTP 302
  • https://capi.connatix.com/core/sync?v=313598&final=true
Request Chain 951
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=4f9f154a1fd921b6&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAL-gR0RlSBeAM-RNnfAAAAAAA&expiration=1692103804&is_secure=true
Request Chain 952
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=
Request Chain 953
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7015751175867750616&expiration=1693227004
Request Chain 955
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969188718189332721
Request Chain 958
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=b7GxuppY1Qvx1d5
Request Chain 965
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9If2Mz8By4UQ2Yjy2CZQY&google_cver=1
Request Chain 966
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNoi9Ggn7zBNSI16aEKdmQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9If2Mz8By4UQ2Yjy2CZQY&google_cver=1
Request Chain 967
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDDR-4Rlpgz-EDGr0oZO8e4&google_cver=1
Request Chain 968
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNTM4NDkxNTE0OTk5NTgyOQ%3D%3D
Request Chain 972
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJPUXmYjtUuOnEaEzHaoiis&google_cver=1
Request Chain 973
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODAyNGE5OTQtNjE4ZS0yYzIwLWYyYzUtYzVhODc2ZGNlZWU1
Request Chain 974
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOKj7R-WFinTz5Hc50nymhM&google_cver=1
Request Chain 975
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzIxOTU2ODUtMjNkZC00NDQ3LWIxYmUtYWNkZTQwYjhhYjQ5
Request Chain 977
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEOsD1grBzaKpkg9TmAvJxhw&google_cver=1
Request Chain 978
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN4DB0J97z6c5-irA-NhCRI&google_cver=1
Request Chain 983
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0za1hBOFBORTJ1RmdsclUzYUFyMWh2ZHBqaWY2SVlVRn5B
Request Chain 984
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDSrhUuB30fRmrXMbefgQn8&google_cver=1
Request Chain 985
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YjhiYjVkYjAzZGFiMmJiZGRkOTkzMzlkMWUxZTNlOTA=&gdpr=0&gdpr_consent=
Request Chain 986
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=68531A78-C812-44CF-A2C6-1C611A476111
Request Chain 991
  • https://match.sharethrough.com/universal/v1?supply_id=1UfPRnxS&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
Request Chain 995
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1---&us_privacy=1---&khaos=LLAVGYIH-G-GET7 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LLAVGYIH-G-GET7&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LLAVGYIH-G-GET7&ts=1692017405&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 996
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=aGQZVP-FWKlwqApFxMElgCaEdkU
Request Chain 997
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yZlHys2fRZ3SnBGbxssOmsbLEZjSnReanpR0BQqd
Request Chain 998
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=17c778fa-3aa1-11ee-969c-688d4aa15bb1
Request Chain 1002
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPZqk2iPNgWd3K8DEkaAXDU&google_cver=1
Request Chain 1003
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=
Request Chain 1005
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LLAVGYIH-G-GET7 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LLAVGYIH-G-GET7
Request Chain 1007
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LLAVGYIH-G-GET7 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LLAVGYIH-G-GET7
Request Chain 1015
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 1024
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 1025
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4086215225291572915&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 1026
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JJFC2QTDOIZFUZ2QKNNG65TKGBDFUOKQ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JJFC2QTDOIZFUZ2QKNNG65TKGBDFUOKQ
Request Chain 1027
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69&dongle=4430
Request Chain 1030
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 1034
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dIndex%26api-tier%3d1%26uid%3d&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=17&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Index&api-tier=1&uid=ZNoi9Ggn7zBNSI16aEKdmQAA%263515
Request Chain 1035
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dBeeswax%26api-tier%3d1%26uid%3d{userid}&gdpr=0 HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Beeswax&api-tier=1&uid=AABFCk7JtEYAACVAbz7Dsg&gdpr=0
Request Chain 1036
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttl=1694609405
Request Chain 1037
  • https://ad.turn.com/r/cs?pid=67&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d21%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dAmobee%26api-tier%3d1%26uid%3D%23USER_ID%23&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=21&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Amobee&api-tier=1&uid=4086215225291572915
Request Chain 1038
  • https://eb2.3lift.com/getuid?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d25%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dTripleLift%26api-tier%3d1%26uid%3d%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=25&ev=fddb0e4239674cab881846b90d9a1b4b&pname=TripleLift&api-tier=1&uid=689661242672352996219
Request Chain 1039
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dAppNexus%26api-tier%3d1%26uid%3d%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=fddb0e4239674cab881846b90d9a1b4b&pname=AppNexus&api-tier=1&uid=6125384915149995829&gdpr=0
Request Chain 1040
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Request Chain 1041
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3dfddb0e4239674cab881846b90d9a1b4b%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X&gdpr=0 HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3dfddb0e4239674cab881846b90d9a1b4b%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X&gdpr=0
Request Chain 1043
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d13%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dPulsePoint%26api-tier%3d1%26uid%3d%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=13&ev=fddb0e4239674cab881846b90d9a1b4b&pname=PulsePoint&api-tier=1&uid=5TsF0pv5gg6c
Request Chain 1044
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d28%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dCrimtan%26api-tier%3d1%26uid%3d%5Buser_id%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=28&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Crimtan&api-tier=1&uid=070766d5b6024d57be3bf3175c375e95
Request Chain 1045
  • https://csync.loopme.me/?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d18%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dLoopMe%26api-tier%3d1%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0 HTTP 307
  • https://cks.connatix.com/cks?pid=18&ev=fddb0e4239674cab881846b90d9a1b4b&pname=LoopMe&api-tier=1&uid=d3b0ff90-af00-45c0-8b53-51476465188b&pubid=11186&gdpr=0
Request Chain 1047
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dCentro%26api-tier%3d1%26uid%3d{userId}&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=9&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Centro&api-tier=1&uid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0
Request Chain 1049
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d39%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dYieldMo%26api-tier%3d1%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=39&ev=fddb0e4239674cab881846b90d9a1b4b&pname=YieldMo&api-tier=1&uid=3miJdzzTTJz59jIHRbNE&gdpr=0
Request Chain 1050
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=fddb0e4239674cab881846b90d9a1b4b&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d5%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dTelaria%26api-tier%3d1%26uid%3d%5bTVUSER_ID%5d&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=5&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Telaria&api-tier=1&uid=ce073d04b8f7443b931f017feaf2089e
Request Chain 1051
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=ff903db512675bdfecee7da554e85&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Request Chain 1053
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=fddb0e4239674cab881846b90d9a1b4b&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d34%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dColossus%26api-tier%3d1%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=34&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Colossus&api-tier=1&uid=06bd7121-f814-4f9b-97d4-c7fa7b122477
Request Chain 1054
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dSundaySky%26api-tier%3d1%26uid%3d%24{ssky_uuid}&gdpr=0 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dSundaySky%26api-tier%3d1%26uid%3d%24{ssky_uuid}&gdpr=0&_cvt=t HTTP 302
  • https://cks.connatix.com/cks?pid=1&ev=fddb0e4239674cab881846b90d9a1b4b&pname=SundaySky&api-tier=1&uid=d6.c6d18bf56ac3495a947d70c47ef8dd85
Request Chain 1055
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d35%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dResetDigital%26api-tier%3d1%26uid%3D%24USER_ID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=35&ev=fddb0e4239674cab881846b90d9a1b4b&pname=ResetDigital&api-tier=1&uid=00000109DACCAD8C
Request Chain 1056
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d29%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dAdelphic%26api-tier%3d1%26uid%3D%24%7BADELPHIC_CUID%7D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=29&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Adelphic&api-tier=1&uid=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4
Request Chain 1057
  • https://sync.technoratimedia.com/services?srv=cs&source=connatix&uid=fddb0e4239674cab881846b90d9a1b4b&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d26%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dSynacor%26api-tier%3d1%26uid%3D%5BUSER_ID%5D%26direct%3D1&gdpr=0 HTTP 307
  • https://cks.connatix.com/cks?pid=26&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Synacor&api-tier=1&uid=2129E09A41B14F3196FBE4892007BDC9&direct=1 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=26&DemandPartnerUserId=2129E09A41B14F3196FBE4892007BDC9&UserId=&tier=1
Request Chain 1058
  • https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3dfddb0e4239674cab881846b90d9a1b4b%26DemandPartnerName%3dOpenX%26tier%3d1%26DemandPartnerUserId%3d HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=8&UserId=fddb0e4239674cab881846b90d9a1b4b&DemandPartnerName=OpenX&tier=1&DemandPartnerUserId=60710af9-0165-4f6b-a934-3c2d28b54bfb
Request Chain 1060
  • https://capi.connatix.com/us/google/pixel?tier=1&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=ZmRkYjBlNDIzOTY3NGNhYjg4MTg0NmI5MGQ5YTFiNGI&extra1=fddb0e4239674cab881846b90d9a1b4b&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport HTTP 302
  • https://capi.connatix.com/us/google/report?extra1=fddb0e4239674cab881846b90d9a1b4b&gdpr=0
Request Chain 1061
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_46728c7c51484919aba18 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F4890%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50478a03-0398-43f7-86fc-e8df8347d808%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D68531A78-C812-44CF-A2C6-1C611A476111&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Request Chain 1062
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=K2fFfi9hxykwYpMvJDWMLiQ1kywwY5UufGq4dhFk HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F4890%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50478a03-0398-43f7-86fc-e8df8347d808%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D68531A78-C812-44CF-A2C6-1C611A476111&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Request Chain 1063
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F4890%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50478a03-0398-43f7-86fc-e8df8347d808%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D68531A78-C812-44CF-A2C6-1C611A476111&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Request Chain 1064
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=aGQZVP-FWKlwqApFxMElgCaEdkU&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F4890%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50478a03-0398-43f7-86fc-e8df8347d808%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D68531A78-C812-44CF-A2C6-1C611A476111&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Request Chain 1065
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:b7GxuppY1Qvx1d5&gdpr=0&gdpr_consent=
Request Chain 1066
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=4976a760-2c51-4709-ab97-9734bb064b72&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=68531A78-C812-44CF-A2C6-1C611A476111
Request Chain 1069
  • https://idsync.rlcdn.com/712188.gif?partner_uid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPdxJRs8PtM3FvV6x6ALtUk&google_cver=1
Request Chain 1072
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=pubmatic&bsw_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=pubmatic&bsw_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=72e3f5f2-3329-4388-a3c9-21dc461f90f0&expires=3&user_group=1&ssp=pubmatic
Request Chain 1073
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_12bd8522-3aa1-11ee-a1cc-125335d52042&gdpr=0
Request Chain 1074
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_10765A342_12CAFEAE&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 1075
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=
Request Chain 1106
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188718189332721
Request Chain 1108
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCRkNrN0p0RVlBQUNWQWJ6N0RzZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABFCk7JtEYAACVAbz7Dsg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8978801468337922557&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AABFCk7JtEYAACVAbz7Dsg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8978801468337922557%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8978801468337922557&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABFCk7JtEYAACVAbz7Dsg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AABFCk7JtEYAACVAbz7Dsg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8978801468337922557%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8978801468337922557&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABFCk7JtEYAACVAbz7Dsg&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1109
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6125384915149995829&gdpr=0&gdpr_consent=
Request Chain 1110
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=17c778fa-3aa1-11ee-969c-688d4aa15bb1
Request Chain 1112
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=68531A78-C812-44CF-A2C6-1C611A476111&vxii_pid=12&vxii_pid1=10067&vxii_rcid=de765c3a-92e4-4cce-bc41-547a1c0e8c53
Request Chain 1116
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1121
  • https://cks.connatix.com/cks?pid=24&ev=fddb0e4239674cab881846b90d9a1b4b&pname=IronSource&api-tier=1&uid=V83JJ1Ctkp_s&direct=1 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=V83JJ1Ctkp_s&UserId=&tier=1
Request Chain 1127
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=eplanning_east&khaos=LLAVGYIH-G-GET7 HTTP 302
  • https://sync.e-planning.net/um?uid=LLAVGYIH-G-GET7&dc=9bcc91305985f0db&iss=1
Request Chain 1130
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1131
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 1132
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=813726672749 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1133
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUd1690377d3dc46cb9eb3608873b48e4b&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1134
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=446321056 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/1508/068264da-22f4-4000-ba14-d06cfa582d66?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1135
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-DHGulrLAIK8IuaC_yLaZA
Request Chain 1137
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=5807dd2e-7334-4273-9a87-9d6a8300de61 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1140
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7453038071703537949&uid=Q7453038071703537949&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7453038071703537949 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1141
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4F94844F4CC4401AB7330777BA793A74&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1146
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:68531A78-C812-44CF-A2C6-1C611A476111 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=18afe3b0-3aa1-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:68531A78-C812-44CF-A2C6-1C611A476111
Request Chain 1147
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6125384915149995829
Request Chain 1148
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8a39a669-f6cd-41ae-a6c6-5b27ea24ed45&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 1155
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:68531A78-C812-44CF-A2C6-1C611A476111 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=18b736b0-3aa1-11ee-a591-0a3986670f6f&companyId=673&id=pubmatic_id:68531A78-C812-44CF-A2C6-1C611A476111
Request Chain 1157
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1158
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 1159
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=813726672749 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1160
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUa9d32a8716fc4cd59006943d3734bedb&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1161
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7562058531 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/1508/068264da-22f4-4000-ba14-d06cfa582d66?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1162
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=CCqSsgrGBoOSKSzh_yLaZA
Request Chain 1164
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6125384915149995829
Request Chain 1165
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=cad42cac-631a-45c5-8985-91c07a63aac8 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1178
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7453038071703537949P HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1179
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4F94844F4CC4401AB7330777BA793A74&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1180
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8a39a669-f6cd-41ae-a6c6-5b27ea24ed45&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 1182
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=68531A78-C812-44CF-A2C6-1C611A476111 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YWEwdmc3Nkg0b2tSUTY5NVlid2t2cGc5QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D
Request Chain 1184
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=68531A78-C812-44CF-A2C6-1C611A476111&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=68531A78-C812-44CF-A2C6-1C611A476111&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 1185
  • https://pixel.onaudience.com/?partner=214&mapped=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 1186
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LLAVGYIH-G-GET7&gdpr=0
Request Chain 1188
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 1190
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=gumgum2&bsw=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Request Chain 1191
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%29
Request Chain 1195
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=bRJKq2kUSPx2Fxz6YkAD-2JAHPl2Fhr7Oh9cm08-
Request Chain 1196
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=5f4a25781db9103b&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent=
Request Chain 1209
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692017405586.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 1210
  • https://ssc-cms.33across.com/ps/?_=1692017405586.&ri=0015a00002y7TWTAA2&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3dfddb0e4239674cab881846b90d9a1b4b%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=37&UserId=fddb0e4239674cab881846b90d9a1b4b&DemandPartnerName=_33Across&tier=1&DemandPartnerUserId=212236466587534
Request Chain 1211
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1694609408%26external_user_id%3D885e676c-3a70-45fe-acfc-e7ad294a43e8
Request Chain 1212
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692017405586.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
Request Chain 1213
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553
Request Chain 1214
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=aGQZVP-FWKlwqApFxMElgCaEdkU
Request Chain 1215
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692017405586.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
Request Chain 1229
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
Request Chain 1232
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 1239
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=6125384915149995829
Request Chain 1272
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=a8558a898a7f1d459a56776b82e5d936&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 1274
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005&rndcb=7723099221 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadconductor%26bsw_param%3D2ec00d2e-f53c-465e-92d3-2beaa816ca85%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7
Request Chain 1275
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 1276
  • https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A&gdpr=0
Request Chain 1277
  • https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D23%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=23&key=f0c9e2f4-a0c8-4698-b246-2a0c386809b7
Request Chain 1278
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=10&pid=59c9148628a0612da3689288&key=5TsF0pv5gg6c&ev=1&us_privacy=1---&pid=562704
Request Chain 1281
  • https://csync.loopme.me/?pubid=11455&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=56&pid=59c9148628a0612da3689288&key=d3b0ff90-af00-45c0-8b53-51476465188b&gdpr_consent=null&gdpr=0
Request Chain 1282
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=22&key=9ee49186-746a-4a99-b9ae-326ad01ba3bd
Request Chain 1283
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D18%26key%3D%24UID HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=18&key=HJkhbLZHRtsgZLtNTqiinddP
Request Chain 1284
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1692017406828-939026011029-001222-002-004076&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D3%26key%3D%5BUSER_ID%5D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=3&key=2129E09A41B14F3196FBE4892007BDC9
Request Chain 1285
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D52%26key%3DBUYERUID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=52&key=ua-232b251a-73f7-38d2-b385-866b557f8a46
Request Chain 1311
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=0b404d44-1ef0-08ca-124f-fb3dc2e750df&us_privacy=1---
Request Chain 1341
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dmDVgP18yJTJCWjFiUTFMSlRsRVBIWkxNUHZYMEZZRVdlWk1YOXM5TDJvUnlsb0w3cGclM0Q%26u%3d%24%7bUSER_ID%7d&gdpr=&consent=&us_privacy=1--- HTTP 303
  • https://ssp-sync.criteo.com/user-sync/match?p=mDVgP18yJTJCWjFiUTFMSlRsRVBIWkxNUHZYMEZZRVdlWk1YOXM5TDJvUnlsb0w3cGclM0Q&u=AABFCk7JtEYAACVAbz7Dsg&us_privacy=1---
Request Chain 1342
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=fWg7gF9oUWFCZDJtSmp1VktNaFUwQVgxNmZ4cWdmaHdZOEZRY3pTdkc5Ym5JRXlZJTNE&gdpr=&gdpr_consent=&us_privacy=1---&cr_user_id=k-0QhTtiZmUz-AGAn3HgYorfG9jDuID1LhgSPbMg HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8759a31e-b0b9-4b35-8fbe-32318a0f4a18&ssp=criteo&us_privacy=1--- HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=fWg7gF9oUWFCZDJtSmp1VktNaFUwQVgxNmZ4cWdmaHdZOEZRY3pTdkc5Ym5JRXlZJTNE&u=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Request Chain 1343
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dWqTgzF8lMkJPTktVbGlxUXZXOWNVbzAlMkZHS3gzVk43Mk00SzVuckUlMkIxUGdud25Sd2MwJTNE%26u%3d%3cTUID%3e&gdpr=&consent=&ccpa=1--- HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=WqTgzF8lMkJPTktVbGlxUXZXOWNVbzAlMkZHS3gzVk43Mk00SzVuckUlMkIxUGdud25Sd2MwJTNE&u=1fda57ea-2c09-4838-9cc1-26167d51b9d6-tuctbd3a878

1320 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/ 		350 KB
73 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
cff827c81126b56d0b40cfc60568c2d57c348199f5e438aa23dc0bee17b099c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors nypost.com decider.com pagesix.com *.nypost.com *.decider.com *.pagesix.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
private, no-store
content-encoding
gzip
content-security-policy
frame-ancestors nypost.com decider.com pagesix.com *.nypost.com *.decider.com *.pagesix.com
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 12:49:51 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://nypost.com/wp-json/>; rel="https://api.w.org/" <https://nypost.com/wp-json/wp/v2/article/26570027>; rel="alternate"; type="application/json" <https://wp.me/pb3Qpq-1Nu4P>; rel=shortlink
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000
x-cache
miss
x-content-type-options
nosniff
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
mia6 96 185 443
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
X1C0PY0lSDg1JSpsyFxfYA==
age
23754
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6837
x-ms-lease-status
unlocked
last-modified
Thu, 10 Aug 2023 17:49:49 GMT
server
cloudflare
etag
0x8DB99CA31A90166
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
28d0050c-401e-003e-51c3-cbaefc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f6951fcbba08dfc-MIA
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
61945
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f6951fcbba48dfc-MIA
features
zephr-v4.nypost.com/zephr/ 		994 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/features
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-97.jfk50.r.cloudfront.net
Software
/
Resource Hash
19325d3afc6878dcf98e05f964704dc833dd37872e8fcf216944e84fede6bf47

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
via
1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
public, max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-length
994
x-amz-cf-id
LHuZSZ9n_B9w2NVH8G2A-U_oc_rqdF5BagCmyWZOFOzFvhmc1dIjLg==
alt-svc
h3=":443"; ma=86400
x-blaize-request
8b8eec
style.min.css
nypost.com/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 19:46:08 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d29b80-15b64"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
mediaelementplayer-legacy.min.css
nypost.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 19:46:09 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d29b81-2bf8"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
wp-mediaelement.min.css
nypost.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 19:46:09 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d29b81-105a"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-betting-offer.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		2 KB
661 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-betting-offer.min.css?ver=506e4289e234fa7d1e6e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4d098860773d68c5d80ac5f428b3c1d0ed991cb1f89964c20d059cb645aa4494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 14 Aug 2023 12:25:58 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64da1d56-810"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-button.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		2 KB
677 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-button.min.css?ver=485aae0a7d4797d574b2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ad5f11dd00d48d6058bb7ab44edeb643ccb1c0ad2fc53703f3e898ef0229b681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-734"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-primary-tag.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		3 KB
772 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-primary-tag.min.css?ver=2095240209ab01170f25
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
54884e22a5a776b6c7eb41ae0e119b2ac1d2ba8765b063811b485dea1b8de946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d28dd5-b4e"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-gracenote.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		407 B
454 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-gracenote.min.css?ver=e14766e71f4a13f3eccf
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
617bf1c27e03853ae5fa288ae5361889fc49736672164dbfd2007a2dcb8be86b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-197"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
407
blocks-info-box.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		547 B
335 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-info-box.min.css?ver=e92b9bdd54c7de473092
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c9cef747eb759ceb172aaaba4857e1f3a31c5894e7448dd79818ef717ec94bd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-223"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-newsletter.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		4 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-newsletter.min.css?ver=ee21e174c64000100858
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9ed96d3023e9f7b4ec4992578c70790583f41d3dbcca81f6e3f6d73a4889ab84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-10af"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-syndicated.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		1 KB
381 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-syndicated.min.css?ver=ea3ec80c5a5f53db4a7d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c86554a8933a7bdf79a3d3ec72511c6091be0487cfef52a044214d68697dcff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-440"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-related-post.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		527 B
262 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-related-post.min.css?ver=13402fe7adddf5c419bd
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
683245d5f3f9976ce066aa5d899f8c533bec2ab49b9a848f1d19825c0b791566
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-20f"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-review.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		1 KB
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-review.min.css?ver=93261f10d9603bc13f66
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
badbcf045249cc5d9eab597c09eac8e1e4cac6d32f71d0b73213411bec24040e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-422"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-comments.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		623 B
357 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-comments.min.css?ver=1dd1ff8e10da3469e479
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
451ce2bcc056a9985c7d83a91689076e08450f9f5375b3f35ee6a6ff454eb6a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d28dd5-26f"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-promo.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		2 KB
563 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-promo.min.css?ver=dca3d1af0bf12da27c67
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1d5efa1877ba09128cd3c07a1c9e9e0b2f7579817311cfd00b01a835d32634a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d28dd5-734"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
widget.subscribe.css
nypost.com/wp-content/plugins/sailthru-wordpress-plugin/css/ 		2 KB
822 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/sailthru-wordpress-plugin/css/widget.subscribe.css?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-9a1"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
recirc.min.css
nypost.com/wp-content/plugins/nyp-recirc/build/css/ 		2 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-recirc/build/css/recirc.min.css?ver=b50428f5e89b697b6c1e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ea357f83d664cad122bc4aab4ab4d5e966972214a90544afb22706ed97b43653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 19 May 2023 14:48:56 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64678c58-9c3"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
social-logos.min.css
nypost.com/wp-content/mu-plugins/jetpack-11.3/_inc/social-logos/ 		12 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/mu-plugins/jetpack-11.3/_inc/social-logos/social-logos.min.css?ver=11.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 10:12:51 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d21523-2f4a"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
pb.js
us.tags.newscgp.com/prod/prebid/nyp/ 		848 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-36.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0ad59f0282aaa7c2d10cd1fe948a7dcf079a9ae79d13e2a3951dc27525e60df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 11:54:00 GMT
Content-Encoding
gzip
Via
1.1 8ab0aef6448b5ee7c8ac1a76da988556.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR53-C1
Age
3353
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 23 Jun 2023 22:37:37 GMT
Server
AmazonS3
ETag
W/"d6e7f50ca8193e4be84b65d8892e5b11"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
X-Amz-Cf-Id
hijEsQKlHl6YhLOJScM7EmX8bZTIwhdjdr8MIDbtkDPKQHEKbreG7A==
tag
btloader.com/
Redirect Chain
  • https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
  • https://btloader.com/tag?h=nypost-com&upapi=true
15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=nypost-com&upapi=true
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95b2d6fb2f2a0963f8f0747d2468674f04561a3a76fad3ac4d26233e5a03417b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Aug 2023 12:14:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2029
etag
W/"de439a104b33d529e4f5032879ce4901"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWGHeCuijU8hZBwd7Tw7%2F6lf6yM6eqslkM7DgFWvzQ9ptIzFbdlPnffP1RqXpJkA%2FxFFAlZF977ZfKo5n5jzV0TFC0m67qPPgg1wtULLjJVD2ZQZltA7TSQTxLpfXW%2FQJOXLNOltIw%2BO3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7f6952005b9a2577-MIA

Redirect headers

date
Mon, 14 Aug 2023 12:49:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtt9miUvup8QrazzQ0vhYgL9fxYxw3Gf8bO1tBp0ECOFNiqrqffcbax1Rufpr2t84vvFDA1PTtxqDo5zQPQD3FNUwVaTvngLRQpvs3FR3QfYaDQ1v0uY6NTTN%2FAFPlFw5bB5Is3S46BYR3Tg3UVf9AOPj4ipTr1ghsgf"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=nypost-com&upapi=true
cache-control
max-age=3600
cf-ray
7f6951ff7acadb2d-MIA
expires
Mon, 14 Aug 2023 13:49:52 GMT
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-126.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:41:14 GMT
content-encoding
gzip
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 16:11:15 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
519
x-amz-server-side-encryption
AES256
etag
W/"6f6b3838a24066fc24338c58c675bb27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
pcywbLAf-NWgHWzhgGg7MIguqaC6e--Yvy7mHyDbCIFPnsRWAlsoZQ==
jquery.min.js
nypost.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 19:46:09 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d29b81-15db1"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
jquery-migrate.min.js
nypost.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 19:46:09 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d29b81-2bd8"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
tag.js
nypost.com/wp-content/plugins/sailthru-wordpress-plugin/js/ 		603 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/sailthru-wordpress-plugin/js/tag.js?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e7efcd6d780141149d6cfa70470b4518d2e4cbb421bc21d76df611f6b2969587
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d28dd5-25b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
widget.subscribe.js
nypost.com/wp-content/plugins/sailthru-wordpress-plugin/js/ 		2 KB
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/sailthru-wordpress-plugin/js/widget.subscribe.js?ver=1.0.0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b7e6db8dfe79e6581a5accc07438706f2ff043bc6f9cb4f61f549a4f5d0ee4e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-622"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
vendor-dompurify.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/vendor-dompurify.bundle.js?ver=7a769f1ea2277539e74a
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
affe42e5878cb6a6d888d239d3a3f211f395539eba2813a8bba74593dcc50107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d28dd5-5060"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
global-assets.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/global-assets.bundle.js?ver=1d380f710089696b9b00
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
72240431a4500e77bdceda6f08efa1355b6a3c1e73dcf34a62d49b5d4e4e0de7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 14 Aug 2023 12:25:58 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64da1d56-1328"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
header-footer.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/header-footer.bundle.js?ver=51319387dd635cf2f21d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
819dcb4ae19b3c27e3374d9fa37ed58caaaaf3b897a9d80bf4046f3765da89f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 10 Aug 2023 16:18:08 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d50dc0-30f2"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
analytics.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		2 KB
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/analytics.bundle.js?ver=2734bcbd86a747a8f8f1
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9ff8115a8f6c859f92cb418452ea76522b583f1cc5bad5c93ff9fb290741acfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 14 Aug 2023 12:25:58 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64da1d56-74c"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
zephr.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/zephr.bundle.js?ver=41473408724f45207d69
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
411c8ac2a8c4eb17f5f1d0d9419a21235a8dbb20b4fcd49d8dde46ed9178298d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d28dd5-1f34"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
templates-shared-article-like.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/templates-shared-article-like.bundle.js?ver=84b8722927f6005545f3
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4981cbe7a8a46d1c7a4ad33997a79af6109859f31e75462376fdf7414b2f745c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 14 Aug 2023 12:25:58 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64da1d56-4706"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
templates-shared-article-like-scripts.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/templates-shared-article-like-scripts.bundle.js?ver=8843cebf4c8b044c8d69
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3017b3f985322807ef10a31db7d60d1009a9a3d7a49da9cb996b5d220785704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 10 Aug 2023 16:18:08 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d50dc0-e3d"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
templates-shared-interior-with-sidebar.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		0
35 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/templates-shared-interior-with-sidebar.bundle.js?ver=f1da12d770724a568e79
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
membership-shared.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		0
22 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/membership-shared.bundle.js?ver=24f7074e7dc2f3dceae9
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
membership-nypost.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		0
22 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/membership-nypost.bundle.js?ver=e4d437a63cbbf5dddaac
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
regenerator-runtime.min.js
nypost.com/wp-includes/js/dist/vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 19:46:09 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d29b81-194b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
wp-polyfill.min.js
nypost.com/wp-includes/js/dist/vendor/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 19:46:09 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d29b81-4ac6"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
hooks.min.js
nypost.com/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 19:46:09 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d29b81-132e"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
i18n.min.js
nypost.com/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 19:46:09 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d29b81-27ee"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
bc-video.js
nypost.com/wp-content/themes/nypost-2016/plugins/brightcove/build/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/plugins/brightcove/build/bc-video.js?ver=fff68af0505af779fefa
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bbc0bb3ee4ba3973f8abe9088c583feda6b51644e2256de9c22ad04b0ea30f78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 05 Dec 2022 17:33:12 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"638e2b58-a29"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
config
platform.datazoom.io/beacon/v1/ 		62 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.datazoom.io/beacon/v1/config?configuration_id=d6ee0345-1775-424f-9589-5be490675ddc&ver=731dbefa1f90243b01b5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.65.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-65-5.compute-1.amazonaws.com
Software
/
Resource Hash
7e6d8425e323a908a2c90d047c45e0bc2073f86d2508c04908af805adbb34486

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-length
63432
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript
jwdatazoom.bundle.min.js
nypost.com/wp-content/plugins/nyp-video-player/build/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/jwdatazoom.bundle.min.js?ver=731dbefa1f90243b01b5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d62735077645cd3c421d34a4b49456bb9f1d0dbc3223e3a1f4f77428a65c6a4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-16e9"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
6c0f8417-b563-477c-8b00-33914cb4600e.json
cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/6c0f8417-b563-477c-8b00-33914cb4600e.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e43dd04a274a58748ea704967748907767444d6a04c9abfe7fc84b1aabec9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
76253
content-md5
QO4nX2ubfiE2GmZA8fzEcQ==
content-length
1762
x-ms-lease-status
unlocked
last-modified
Fri, 14 Jul 2023 15:37:25 GMT
server
cloudflare
etag
0x8DB8480390ACDFF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
49a2cfd4-801e-0003-5b69-b6dbe1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f6951fd6e810a1a-MIA
expires
Tue, 15 Aug 2023 12:49:52 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		77 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd4b7b0f1ec42c1de66868b52d5f571c70211ade3dd1ac1dc2487777bba880b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7f6951ffcaf367ea-MIA
vary
Accept-Encoding
content-type
text/javascript
pyz4pvc.css
use.typekit.net/ 		2 KB
873 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/pyz4pvc.css?ver=fff68af0505af779fefa
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6f8b2b91c0a7c18a0eafd67bcaa80fdb350695ecc4d866f71728c74a8f886598
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 14 Aug 2023 12:49:52 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
650
global-assets.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		88 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/global-assets.min.css?ver=63b45ff786592c163d0d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8434a17ad06183830bb3d064f158ed2166f9d2032e698b3d5236c299dcf8d4a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d28dd5-15f70"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
header-footer.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/header-footer.min.css?ver=d5c1cf6d247924efa80d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f4ef110f0003697ab6e2ed17072688e2e2530108fc9606930b7c5ec26aac54d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d28dd5-632b"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-core.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-core.min.css?ver=56dba66099e8b2243450
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
65875d6e79bb192aca56647ef342b576d35e8c94bfcba84c61fb4e43892a9f44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-485e"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
zephr.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		659 B
327 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/zephr.min.css?ver=efd9343055a8fc1e222f
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f32d102a1a3f45bac46140601a6f5d47e1a3e9711cbdc9f942e751f3354f2a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-293"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-article-like.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-article-like.min.css?ver=a527000ff0634f02c6f8
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
238a8058cd2844737df29521746c33e40c565822858a01e7ff33d4b8f14e3b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 14 Aug 2023 12:25:58 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64da1d56-4a0f"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-article-like-scripts.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		1 KB
530 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-article-like-scripts.min.css?ver=d2089e79aeab63db1ae4
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9dd7f3509b0c04a53f7a60edd65fd4dafd9c5c8723ba3296de33dacb56e21ff2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-411"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-interior-with-sidebar.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		6 KB
903 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-interior-with-sidebar.min.css?ver=b8713a21f33c2d02f664
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4e1dd78ad69fc4a0df1f0edb67f6c10bcbf16057588c2b6f7535930e967ef742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-16c2"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
membership-shared.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		208 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/membership-shared.min.css?ver=08167c8786e529ce9199
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
000a321a18985f99a6a890dd4159de196edc13d6515caf2163eec03f13da5b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 14 Aug 2023 12:25:58 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64da1d56-33eb6"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
membership-nypost.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		55 B
101 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/membership-nypost.min.css?ver=8ab12ff3fda0296e33bb
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b5f3bbe93348fab76879e3ab81573722f59275cac4ea155a61cc1c23d8e12491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-37"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55
wp-emoji-release.min.js
nypost.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 19:46:09 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d29b81-48b9"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		68 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7f6951ffcd0c67d2-MIA
access-control-allow-headers
Content-Type
lux.js
cdn.speedcurve.com/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=263325431
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
b0b194afde199899744b6db2211b80757e330a6df4d6e08174896ef70d5d11ad

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
8
date
Mon, 14 Aug 2023 12:49:52 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
237
x-cache
HIT
content-length
8026
x-served-by
cache-mia-kmia1760072-MIA
last-modified
Mon, 14 Aug 2023 12:45:55 GMT
server
Apache
x-timer
S1692017393.555275,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 12:45:55 GMT
v2csnUsFoH1XR1oW51-C6NQBdGmIS6hRimi-eyRebi0VRmqDrwM_hCHQ
rebelhen.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rebelhen.com/v2csnUsFoH1XR1oW51-C6NQBdGmIS6hRimi-eyRebi0VRmqDrwM_hCHQ
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ed33f38634e7d613e789f82e2bfa7f5a02d303ba5244b199e02057ce29ff7d2b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Mon, 14 Aug 2023 12:49:52 GMT
x-datacenter
gce-us-east1
etag
"e0d6d065f560320d96f7b6e39232918186c0f45f4c2924cee6a54f4b534d3163"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-test-jrrc
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
960914163
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
flbuttons.min.js
cdn.flipboard.com/web/buttons/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flipboard.com/web/buttons/js/flbuttons.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:de00:e:5a70:ca40:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f039e32c9e62cd2acc5bf02dec7282686e6f41be6b01bfa249f9590cda747cba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:00:27 GMT
content-encoding
gzip
via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
last-modified
Wed, 23 Dec 2020 17:43:48 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1608743508/ctime:1608745368/gid:1000/gname:ubuntu/md5:e9b04ad509ffb00302d9625f75774548/mode:33204/mtime:1608745368/uid:1000/uname:ubuntu
x-amz-cf-pop
JFK52-P1
age
2966
etag
W/"e9b04ad509ffb00302d9625f75774548"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-id
G9KZu6htj9lIqdVBBmEi2jDvJiIwam3K-gv03ke5l5lK6Sv5SsNzFQ==
GettyImages-1250879704.jpg
nypost.com/wp-content/uploads/sites/2/2023/04/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/04/GettyImages-1250879704.jpg?resize=1024,683&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
50bbb78df62c9dbd228de33144c858b58d9d802d313bfe402c07f86358fd529f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 86 167 443
last-modified
Mon, 14 Aug 2023 12:49:52 GMT
server
nginx
etag
"e4da7a8faf153405"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30148
sp_Sx8YukwE
launcher.spot.im/spot/ 		90 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_Sx8YukwE
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-5.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42ba599a32bbce10ef02456dd2e2a709a4794b3ebe6cfc9a77bfb381eb3e93a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
xBTqXPClkFGl58oqBbQxSlZB9ewHy3fn
content-encoding
br
via
1.1 f512c993e98a951737226d483474a2dc.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 12:46:06 GMT
x-amz-cf-pop
JFK50-P8
age
236
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22924
last-modified
Mon, 07 Aug 2023 13:18:55 GMT
server
AmazonS3
etag
"7be535066bd943b60d5ea0da69c223db"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
51JPRGn8uPTi917jwXuciIZ4VY0q32PlZpSW3Lc4XsurYVAK3s2JuA==
truncated
/ 		291 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
771676df0a22e07f73f7710292ec29b573ac81f5c107ae4d3527071d98343fd9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		404 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5662149034f5fd127ca3fac155c369590a333672567f6d75983f58984d0b7d7b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
fox-business.png
nypost.com/wp-content/uploads/sites/2/2016/08/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2016/08/fox-business.png
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
51251da9ac6de8910cac8e22942cb3d10fba93e8043488356937e29a50c7e9af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 86 215 443
last-modified
Mon, 06 Feb 2023 14:37:21 GMT
server
nginx
etag
"e3dd9af03b271cc2"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11966
shutterstock_2031724010.jpg
nypost.com/wp-content/uploads/sites/2/2023/04/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/04/shutterstock_2031724010.jpg?resize=1024,537&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5f1a4f7d4aa6440bacf7075c3edf0c9e528ffdfdf9c93e05518ca770571280bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 80 130 443
last-modified
Mon, 14 Aug 2023 12:49:52 GMT
server
nginx
etag
"3803d92924509a15"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
17604
newspress-collage-zrr3ntlul-1691987026206.jpg
nypost.com/wp-content/uploads/sites/2/2023/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/08/newspress-collage-zrr3ntlul-1691987026206.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8c987a719729aa82c4a08540bf76cac86e2f5a1f8308d09a86a8d5e40a67e6d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 86 83 443
last-modified
Mon, 14 Aug 2023 04:38:23 GMT
server
nginx
etag
"1cfec5af06da855a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8156
Untitled-1-19.jpg
nypost.com/wp-content/uploads/sites/2/2023/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/08/Untitled-1-19.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f15ab02c5171c6d22996ab19b4bdc00770fd7e65861d79d3135745fa03b1a7c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 80 130 443
last-modified
Mon, 14 Aug 2023 11:08:30 GMT
server
nginx
etag
"2bd0cefc6de83ac9"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6752
newspress-collage-ophmsneyg-1691980223588.jpg
nypost.com/wp-content/uploads/sites/2/2023/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/08/newspress-collage-ophmsneyg-1691980223588.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8db6e3c575dc902ed301e2881857692e57cf58e39aef9d08ba42fda30b5ccb2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 87 107 443
last-modified
Mon, 14 Aug 2023 03:12:29 GMT
server
nginx
etag
"be4f7a556060fe30"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9272
amazon-box.gif
nypost.com/wp-content/uploads/sites/2/2023/08/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/08/amazon-box.gif?resize=260,174
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc33ea1cd5e782e1f281be9d85ef5ab2cd7f8effb98798e1f9015fd3f6a4eeb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 86 167 443
last-modified
Wed, 09 Aug 2023 18:28:08 GMT
server
nginx
vary
Accept
x-cache
HIT
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
96889
NYPICHPDPICT000021847289.jpg
nypost.com/wp-content/uploads/sites/2/2023/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/08/NYPICHPDPICT000021847289.jpg?quality=80&strip=all&crop=1&w=341&h=227
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
04f9dc4a97b243e2f7e3240f4d963593cc553c20fdf0fc947cb0ff8f5973bfe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 80 130 443
last-modified
Mon, 14 Aug 2023 04:37:47 GMT
server
nginx
etag
"bba1bb831eee04e8"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
10212
newspress-collage-zrr3ntlul-1691987026206.jpg
nypost.com/wp-content/uploads/sites/2/2023/08/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/08/newspress-collage-zrr3ntlul-1691987026206.jpg?quality=75&strip=all&1691972673&crop=1&w=341&h=227
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
77c4f0e931302d1c5d4af4a62100dc120f96b769fe8fe5f018ae21f99c6908e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 86 83 443
last-modified
Mon, 14 Aug 2023 07:48:34 GMT
server
nginx
etag
"4110845620b4874b"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11790
vip-powered-dark-small.png
nypost.com/wp-content/mu-plugins/vip-helpers/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/mu-plugins/vip-helpers/images/vip-powered-dark-small.png?ver=20220317
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b0b26fb8e1318f612e7bc978307f18fc79b93bc58e8b7311eed80de7b21e45ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Tue, 01 Aug 2023 09:24:43 GMT
server
nginx
etag
"64c8cf5b-849"
x-cache
HIT
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2121
gtm.js
www.googletagmanager.com/ 		251 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
66a53a93258f8769021ef1a57531ae151994d2c6203656479bf51ff3c39b3ac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85014
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Aug 2023 12:49:52 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.131.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-131-120.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 08:53:23 GMT
Via
1.1 d5b1e30b6413a7f5a2c9efa2afce8170.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P7
Age
14189
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
8SQtLyTonc1ZuqGXzgM8XSYjQrGm8qiR74_SdXEPPUt3O5Oyi1Vsag==
Expires
Tue, 15 Aug 2023 08:53:23 GMT
widgets-trending-now.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		147 B
208 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-trending-now.min.css?ver=076276e6785623ca6c64
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fa34a2e5ec9044ed1dc5bf38ec8144a0dcdf4abf25476015a0c4f3b36fa55d01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 185 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-93"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
147
widgets-zone.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		150 B
204 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-zone.min.css?ver=c1164bad1db18aa03da7
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
199e4835af79f304e97b71d6bd8c6e970c7d03c607f8b2cec52cc93ae73b5ab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-96"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
150
widgets-now-on.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		313 B
392 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-now-on.min.css?ver=03912148b6c389630fef
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d49d25a875c1d1762e5ef7b96b771c64139c0aef85ce501c421e501242e1f98b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 185 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-139"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
313
widgets-custom-posts.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		68 B
138 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-custom-posts.min.css?ver=75abc065377d1031b344
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
510bad5273617bc2a9e70742b2228b4164f3e48623822da557d1ef9102b81eb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-44"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
68
nyp-video-player-styles.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		1 KB
573 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/nyp-video-player-styles.min.css?ver=c90c7427526152820d4d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
876ed8d39144369bb5e9bc3bd83516efcc6fd763970926f6ef46485dc818c6d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-5ec"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
lux.js
cdn.speedcurve.com/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=263325431
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
b0b194afde199899744b6db2211b80757e330a6df4d6e08174896ef70d5d11ad

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
9
date
Mon, 14 Aug 2023 12:49:52 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
237
x-cache
HIT
content-length
8026
x-served-by
cache-mia-kmia1760072-MIA
last-modified
Mon, 14 Aug 2023 12:45:55 GMT
server
Apache
x-timer
S1692017393.754140,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 12:45:55 GMT
flbuttons.min.js
cdn.flipboard.com/web/buttons/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flipboard.com/web/buttons/js/flbuttons.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:de00:e:5a70:ca40:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f039e32c9e62cd2acc5bf02dec7282686e6f41be6b01bfa249f9590cda747cba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:00:27 GMT
content-encoding
gzip
via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
last-modified
Wed, 23 Dec 2020 17:43:48 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1608743508/ctime:1608745368/gid:1000/gname:ubuntu/md5:e9b04ad509ffb00302d9625f75774548/mode:33204/mtime:1608745368/uid:1000/uname:ubuntu
x-amz-cf-pop
JFK52-P1
age
2966
etag
W/"e9b04ad509ffb00302d9625f75774548"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-id
TJymJNfF_G1NgXUWJg5Rb_OA_qQ6vLBM8dYdXtHuHC5cRagtwKCx1A==
GettyImages-1250879704.jpg
nypost.com/wp-content/uploads/sites/2/2023/04/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/04/GettyImages-1250879704.jpg?resize=1024,683&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
50bbb78df62c9dbd228de33144c858b58d9d802d313bfe402c07f86358fd529f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 86 167 443
last-modified
Mon, 14 Aug 2023 12:49:52 GMT
server
nginx
etag
"e4da7a8faf153405"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30148
sp_Sx8YukwE
launcher.spot.im/spot/ 		90 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_Sx8YukwE
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-5.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42ba599a32bbce10ef02456dd2e2a709a4794b3ebe6cfc9a77bfb381eb3e93a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
xBTqXPClkFGl58oqBbQxSlZB9ewHy3fn
content-encoding
br
via
1.1 f512c993e98a951737226d483474a2dc.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 12:46:06 GMT
x-amz-cf-pop
JFK50-P8
age
236
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22924
last-modified
Mon, 07 Aug 2023 13:18:55 GMT
server
AmazonS3
etag
"7be535066bd943b60d5ea0da69c223db"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
AlocJWY-fP9QzPkhXhNk5LWp1UU9pSeENdDOAfTYUeXf_s4EPPIteA==
jw-player-floatingPlayerDesktop.min.css
nypost.com/wp-content/plugins/nyp-video-player/build/css/ 		134 B
198 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/css/jw-player-floatingPlayerDesktop.min.css?ver=116ab7db761d50067ed8
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
042f7f2584ad7ef059a8a04fe074f4f1ef875d8ba45fd73580e0224106debbc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 185 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-86"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
134
app.bundle.min.js
nypost.com/wp-content/plugins/nyp-zephr/build/ 		296 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=fff68af0505af779fefa
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b70e9c4d8ea372379c91a7a856c2b2e575ad5023f91328e82fddb43a96cb64e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-4a141"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
main.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/ 		732 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=990eeb4a409ae03a5bf4
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
916a731948a8256dfdbf64295c028cf715b7efef269147fd1d35c11cac98e1c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 14 Aug 2023 12:25:58 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64da1d56-b7168"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
blocks-related-video.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		1 KB
688 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/blocks-related-video.bundle.js?ver=0d4d1b6aabfcc8a940fc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9b5482933146ef854dc6abdb4fe947ff1479d8e79f27d486bb9803bae120dae7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 10 Aug 2023 16:18:08 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d50dc0-4bd"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
recirc-outbrain.bundle.min.js
nypost.com/wp-content/plugins/nyp-recirc/build/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-recirc/build/recirc-outbrain.bundle.min.js?ver=ecaf3bc8510b675893e3
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3e1e2b7f832fcd87fbe0e12fdb8d310dea53ef4e2444f1921f409517808621b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 19 May 2023 14:48:56 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64678c58-700d"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
spddoyds.js
cdn.jwplayer.com/libraries/ 		119 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:7600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
adbd50d0835f016d0fc7236f10550879e0a0cad7c552904a74f60c3d2b73b42f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:47:48 GMT
content-encoding
gzip
via
1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-C1
age
124
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
44843
x-amz-cf-id
-9_ig1mfj448E5HGNilPSwi3ntZopv2jZOUMzUXjl6nvz6u35-bJVw==
widgets-zone.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		0
24 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/widgets-zone.bundle.js?ver=c4a2c8a6199c4d89e1e9
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 185 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
nyp-show-ads.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		28 B
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/nyp-show-ads.bundle.js?ver=869dd293421c93317414
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
37619e5369a3825b83c19196aa81cbe8e25a28ffad018fd9667af11c6b4838ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 185 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-1c"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
28
sharing.min.js
nypost.com/wp-content/mu-plugins/jetpack-11.3/_inc/build/sharedaddy/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/mu-plugins/jetpack-11.3/_inc/build/sharedaddy/sharing.min.js?ver=11.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9eff412c1198930f1d219490894e17733ccd8b992e9ddb7546971f783c00431e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 10:12:51 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d21523-2145"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
e-202333.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202333.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT mia
date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684460849464.9626
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 12 Aug 2024 16:02:44 GMT
conversion.js
www.googleadservices.com/pagead/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
acd67ad087fc6061dfdc4fb2c4ac89fb1cde0654225885b81a889dcbf75141d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18400
x-xss-protection
0
server
cafe
etag
8482130582040313580
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:52 GMT
NYPICHPDPICT000021858641.jpg
pagesix.com/wp-content/uploads/sites/3/2023/08/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagesix.com/wp-content/uploads/sites/3/2023/08/NYPICHPDPICT000021858641.jpg?quality=90&strip=all&w=1024
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
685f3b9aa3522188ab3cfec3d88b949641c26b3297e965b6a0cfd8343cde3a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 80 86 443
last-modified
Mon, 14 Aug 2023 12:35:02 GMT
server
nginx
etag
"98f67c0929848be4"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
75336
THE-PROBLEMATICS-Risky-Business.jpg
decider.com/wp-content/uploads/2023/08/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://decider.com/wp-content/uploads/2023/08/THE-PROBLEMATICS-Risky-Business.jpg?quality=90&strip=all&w=322&h=215&crop=1
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0db06895e7209c5b0ec1f4fa71a2ec9e03d9d5ee74d998725d4025d3dbe2309c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia3 80 130 443
last-modified
Sat, 05 Aug 2023 16:15:32 GMT
server
nginx
etag
"c54c3c55e8e3f4b4"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20216
global-assets.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		88 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/global-assets.min.css?ver=63b45ff786592c163d0d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8434a17ad06183830bb3d064f158ed2166f9d2032e698b3d5236c299dcf8d4a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d28dd5-15f70"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
header-footer.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/header-footer.min.css?ver=d5c1cf6d247924efa80d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f4ef110f0003697ab6e2ed17072688e2e2530108fc9606930b7c5ec26aac54d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d28dd5-632b"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-core.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-core.min.css?ver=56dba66099e8b2243450
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
65875d6e79bb192aca56647ef342b576d35e8c94bfcba84c61fb4e43892a9f44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-485e"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
zephr.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		659 B
312 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/zephr.min.css?ver=efd9343055a8fc1e222f
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f32d102a1a3f45bac46140601a6f5d47e1a3e9711cbdc9f942e751f3354f2a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-293"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-article-like.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-article-like.min.css?ver=a527000ff0634f02c6f8
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
238a8058cd2844737df29521746c33e40c565822858a01e7ff33d4b8f14e3b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 14 Aug 2023 12:25:58 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64da1d56-4a0f"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-article-like-scripts.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		1 KB
515 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-article-like-scripts.min.css?ver=d2089e79aeab63db1ae4
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9dd7f3509b0c04a53f7a60edd65fd4dafd9c5c8723ba3296de33dacb56e21ff2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-411"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-interior-with-sidebar.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		6 KB
901 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-interior-with-sidebar.min.css?ver=b8713a21f33c2d02f664
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4e1dd78ad69fc4a0df1f0edb67f6c10bcbf16057588c2b6f7535930e967ef742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-16c2"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
membership-nypost.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		55 B
100 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/membership-nypost.min.css?ver=8ab12ff3fda0296e33bb
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b5f3bbe93348fab76879e3ab81573722f59275cac4ea155a61cc1c23d8e12491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-37"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55
membership-shared.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		208 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/membership-shared.min.css?ver=08167c8786e529ce9199
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
000a321a18985f99a6a890dd4159de196edc13d6515caf2163eec03f13da5b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 14 Aug 2023 12:25:58 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64da1d56-33eb6"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
truncated
/ 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c66fcbd005b49322f31177cd407cb74dbcca28d8dd197efc3aa2e754e724450

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		500 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20b7efe8486155db01ea1304479465917360eb8fec4092f7592b5eabc9b24d53

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		144 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbf903684c94e204498e6645da2359da42517d09a3d9c330f43e9c66fa58b5b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		419 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba0e4777ade6e76d319d95ffe9cf484ea240834e319431ff6b0a2a09bd2e3107

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		607 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa7791fec913342ea73faacc4e2b72f72e264b8d305946ddd559384bf4d124a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
569570d532fa6c2737ee3dccac947e9f02fbb9dde932e4f704d7ba37ca0fc7f1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		353 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4808c8e8e2350265366b6e9b590043f18be423649ffdfaaa4a87c4edc2961d5b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		342 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
538be4d0f583d206b41eaf40ba202b642d3b7bca07ad734c834ef7ad8d13a700

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
button_3_bg-2.png
nypost.com/wp-content/uploads/sites/2/2023/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/02/button_3_bg-2.png?resize=231,45
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
73d3b0665c9ba0323fbadb5cd70a07ec2fdd1a7b2e550709a93c2a51027cfa15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 80 130 443
last-modified
Wed, 22 Feb 2023 16:52:01 GMT
server
nginx
etag
"103516fc588dae37"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2882
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.39.0/ 		372 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Zp/CcrZmK7hQ2S6c/t9Tpw==
age
75944
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
90454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:04 GMT
server
cloudflare
etag
0x8DA87805EB35DE2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
526a626c-301e-007c-66e1-5a45d3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f6952006f918dfc-MIA
datalayer
zephr-v4.nypost.com/blaize/ 		61 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/blaize/datalayer
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=990eeb4a409ae03a5bf4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.139.29.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-97.jfk50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
application/json
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
via
1.1 45c692e896f6d5351f0f0a998ed4f588.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-cache
Error from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
61
x-amz-cf-id
jNLj7XD5ex1hDcWaWjERoAGL5LKu4-dsHYSkQiUMvw8imVFRisNwBQ==
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
1630.4430baf296cafac9c7ab.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/1630.4430baf296cafac9c7ab.bundle.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=990eeb4a409ae03a5bf4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a610a6a0c31cde4c57235319e2d87775c6edce8a7f34481da6b4566bb7c07501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 14 Aug 2023 12:25:57 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64da1d55-8d0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
5908.a28d8b1e605ac3e463e4.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/ 		605 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/5908.a28d8b1e605ac3e463e4.bundle.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=990eeb4a409ae03a5bf4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
81fc1c1ca2aa23d5506d7e002e111e2ec455f7450c19707578f47b1c1d9c7f8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 14 Aug 2023 12:25:58 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64da1d56-25d"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
1706.e6b638d560f3f9c5fb0e.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/ 		618 B
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/1706.e6b638d560f3f9c5fb0e.bundle.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=990eeb4a409ae03a5bf4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a793fd23a65e3aab644ce22fe8d78afb22e1e1b1237de32265dad49d3fd9823f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 14 Aug 2023 12:25:57 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64da1d55-26a"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=pyz4pvc&ht=tk&f=39500.39501&a=738589&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pyz4pvc.css?ver=fff68af0505af779fefa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://use.typekit.net/pyz4pvc.css?ver=fff68af0505af779fefa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
last-modified
Fri, 14 Jul 2023 12:43:54 GMT
server
nginx
etag
"64b1430a-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
decision-engine
zephr-v4.nypost.com/zephr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/decision-engine
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-97.jfk50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin
https://nypost.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 14 Aug 2023 12:49:52 GMT
via
1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
x-amz-cf-id
yx_X6sLZmqHx3Ixy87eASDMU1_gMuVKjmU1qwgudHDEG_C7Ok_RPNg==
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
plans
nypost.com/wp-json/nyp-membership/v1/ 		4 KB
954 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-json/nyp-membership/v1/plans
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=990eeb4a409ae03a5bf4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8b400107ca6b7f71beac6707606d13af2ee13a8f52451d076f612e161f978834
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
240
x-cache
hit
content-length
622
x-rq
mia6 96 185 443
server
nginx
allow
GET
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=300
accept-ranges
bytes
x-robots-tag
noindex
link
<https://nypost.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
decision-engine
zephr-v4.nypost.com/zephr/ 		266 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/decision-engine
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=990eeb4a409ae03a5bf4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.139.29.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-97.jfk50.r.cloudfront.net
Software
/
Resource Hash
9fa030bd8c5330c2e8e981e3449f052b5bdf950bf9bd955d93e0c02518805ca8

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
via
1.1 45c692e896f6d5351f0f0a998ed4f588.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
266
x-amz-cf-id
OQJCbxmvMsKuMGBVN6b8hQxCPfBg7HKQwfIQPgX8-Vi-6xa-7nUh7g==
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-blaize-request
fffffffff6e258d6
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&hl=en
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=990eeb4a409ae03a5bf4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
12f2773027db7060e60253f6d7a8d6143d079965de1b3257f34c9d350e089762
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
863
x-xss-protection
1; mode=block
expires
Mon, 14 Aug 2023 12:49:53 GMT
prebidrtdclient.js
warp.media.net/js/tags/ 		115 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/js/tags/prebidrtdclient.js?cid=8CU3I8M1G&dn=nypost.com
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
711b60d9fc0432c82dfdc3785366c3bfb2278a511d6fd772d9918390ddc4e642
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Mon, 14 Aug 2023 12:49:53 GMT
server
Apache
etag
18011594405055459531
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
content-length
37640
expires
Mon, 14 Aug 2023 13:19:53 GMT
clear.gif
cdn.flipboard.com/dev_O/ 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flipboard.com/dev_O/clear.gif?utm_source=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:de00:e:5a70:ca40:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 11:59:13 GMT
via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
last-modified
Wed, 23 Dec 2020 17:41:53 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1608745226/ctime:1608745224/gid:20/gname:staff/md5:ad4b0f606e0f8465bc4c4c170b37e1a3/mode:33188/mtime:1608745180/uid:501/uname:greg
x-amz-cf-pop
JFK52-P1
age
3041
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
43
x-amz-cf-id
okZSlAaCO6vCZgAHJG2ZgSxxao-H7AcPHuEIdtHseUocdD0tyrtk7A==
events
direct-events-collector.spot.im/api/v2/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-91.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:49:53 GMT
via
1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-amz-cf-id
CXXUASQz9JYGd14Teg1sS3cM6rL9y0cl8zIrFOKKdOWtHMwaYJOYxw==
x-cache
Miss from cloudfront
386-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/386-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65d907d1b8033445e8bc4e7b6576892a78df5b8228e0cb23682e121373fca82b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 09:15:23 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
tDySzen9U2Si02KxdGCMT9BBtpBlBalH
x-amz-cf-pop
JFK52-P1
age
1913671
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
20136
last-modified
Wed, 19 Jul 2023 12:42:54 GMT
server
AmazonS3
etag
"af6b8e040e21abf74e4a0b821e11eec2"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
saIeKuPlg9Jd8UcTOFo3n0URlaTVVZJMUypxIw-Y1i6nK8ysky8Wzw==
480-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/ 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/480-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a4a10a664ff7f5a65f89c2a9ccb02a6c49cb144eb80c1ecc03745c7559cb4c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 09:15:23 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
z3W6TvrHb.UFLS8IIT7bHQmKsJwTUxEM
x-amz-cf-pop
JFK52-P1
age
1913671
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
28312
last-modified
Wed, 19 Jul 2023 12:42:54 GMT
server
AmazonS3
etag
"d5007fa745e15409645bab7e1615ac17"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
9amaps4Esij7dwWOlsvvgRri0AqBgqf-3-pPVumiy3WG8leWPXbzRQ==
925-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/925-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb0a28422de80a1127635064abbb693c00bb0199025346ab171840c99d1a18e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 09:15:23 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
jUPT4ZlE_ECQuINqQ5zUX8Zfnic56Akj
x-amz-cf-pop
JFK52-P1
age
1913671
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3165
last-modified
Wed, 19 Jul 2023 12:42:55 GMT
server
AmazonS3
etag
"73ad4b5dc46359e77c51990554136e4a"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
vLTBuKzfko4pa2HJWcogmfR6xeKjTROc3Unw5hhLK767AjPil1XPEQ==
initial-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/initial-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4ede32d3a93f800a887100bba1f1b9de06a904fb84d4d2951f0f8538854d166

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 09:15:23 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
GUrDZdy206oxvurLiUZSbXFDfQfN2vTm
x-amz-cf-pop
JFK52-P1
age
1913671
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
8891
last-modified
Wed, 19 Jul 2023 12:42:55 GMT
server
AmazonS3
etag
"ac9e467afcda4bdc58bbbf7f35ca8579"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
MpaTsRApASHLttRLYkb2MkuljZFROWJn87mvqD18GBIUV7-ZhpSzWA==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-114.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:30:35 GMT
via
1.1 5a588475f9a075d76c33229107634f8e.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
11959
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
accept-ranges
bytes
content-length
0
x-amz-cf-id
GcqnrhXUua6nXC5yjTDb9x_gItEfPAaJhuL_4hrevkcmPPkQCt2PBA==
en.json
cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/d3fed764-fa9d-40e7-b202-00aae327b4c1/ 		693 KB
95 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/d3fed764-fa9d-40e7-b202-00aae327b4c1/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de8a3d37d025e9675adca4cd831093b5400c7b76a96a6863a781f7ec1862b3b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
76260
content-md5
q4LEjaF/VRSe7X45NEtdZA==
content-length
96769
x-ms-lease-status
unlocked
last-modified
Fri, 14 Jul 2023 15:38:06 GMT
server
cloudflare
etag
0x8DB848051AC6399
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
19d57089-301e-0137-0669-b6321c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f6952033bfb0a1a-MIA
expires
Tue, 15 Aug 2023 12:49:53 GMT
truncated
/ 		649 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb332f6a286fb2a19310350891eb32de8291a4e7291fec8e62f985aef8f4a208

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
messages-count
open-api.spot.im/v1/ 		58 B
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://open-api.spot.im/v1/messages-count?spot_id=sp_Sx8YukwE&posts_ids=26570027
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=990eeb4a409ae03a5bf4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-23.jfk51.r.cloudfront.net
Software
/
Resource Hash
057da4d9f7dbb19c543e3694492375c65de82e1fd8b3589cf29523e779f3a878
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
via
1.1 e60afe88b840ada9af7b8a328e52a866.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
x-spotim-bid
x-spotim-rid
content-length
58
x-spotim-vid
access-control-max-age
86400
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid
access-control-allow-credentials
true
access-control-allow-headers
x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid, Content-Type
x-amz-cf-id
AfbdKd4eadOCb7qazKDB7EiiIu-4unWTiWbylmcbcHY3ccrLTRTXYQ==
jwanalytics.bundle.min.js
nypost.com/wp-content/plugins/nyp-video-player/build/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/jwanalytics.bundle.min.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f5dc5dc201adf9ef2ed311d17f97ce68093d851f74c6b8f410974bfcef99e109
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d28dd5-2689"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
jwadvertise.bundle.min.js
nypost.com/wp-content/plugins/nyp-video-player/build/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/jwadvertise.bundle.min.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bbf6000ae861eaaa745128dfb1d54a771fcb19d77ab2e07f8d089051c06cdcd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-11a6"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
streamingtag_plugin_jwplayer.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/plugins/streamingtag_plugin_jwplayer.js
  • https://sb.scorecardresearch.com/internal-c2/default/streamingtag_plugin_jwplayer.js
210 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/streamingtag_plugin_jwplayer.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
18.164.96.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-43.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96281150fc4b153640ffd15f9ce9a133ee631aecb0f955cd67974e72af74ae64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:41:01 GMT
content-encoding
gzip
via
1.1 eb2e4893b47f0d155cd51b82c2a8d596.cloudfront.net (CloudFront)
last-modified
Thu, 24 Feb 2022 15:25:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
533
x-amz-server-side-encryption
AES256
etag
W/"45e1b1186d270bf042fe7ed57882f85b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
RybsmRLb9hH5v54q9mr_Rfr2S0kjz9GsHZt3RyHcTh38pBoaGcWRQg==

Redirect headers

date
Mon, 14 Aug 2023 12:49:53 GMT
via
1.1 eb2e4893b47f0d155cd51b82c2a8d596.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
location
/internal-c2/default/streamingtag_plugin_jwplayer.js
content-length
0
x-amz-cf-id
S1AS2KKv2SCFOlwwZD7pQ71yFJrbWFAeSL-Xy0pt7RAof5cUYhVCkQ==
jwcomscore.bundle.min.js
nypost.com/wp-content/plugins/nyp-video-player/build/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/jwcomscore.bundle.min.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f56805665729555fb5796e32adc67dd4902763af47f2e0c778e5f3c4d05882c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 14 Aug 2023 12:25:58 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64da1d56-ab8"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
us.wtat.plugin-jw_ima.min.js
cdn.watchingthat.net/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.watchingthat.net/us.wtat.plugin-jw_ima.min.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
8aabf0113f8006f81da8b7164efce760ae81669f8c606f060cc2b375cc46728d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
x-amz-version-id
dNP2mGuwM2pOtpSnfnOgPTZ8IN7pssB9
last-modified
Sat, 03 Sep 2022 08:50:12 GMT
server
AmazonS3
x-amz-request-id
C2QR5P3E2Z7SNJP0
etag
"4070350269c67de441aae97b6abc6c83"
x-hw
1692017393.cds213.mi1.hn,1692017393.cds255.mi1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2993
accept-ranges
bytes
content-length
6410
x-amz-id-2
G/MNMOA7R6EGu0ez5+DS4CG2VsOuCXpcc7j7FefqphK1VEk+0+yRlpxfI59UwzV3uMbURRxikuY=
jwcustomizations.bundle.min.js
nypost.com/wp-content/plugins/nyp-video-player/build/ 		352 B
401 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/jwcustomizations.bundle.min.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3c735c4ebe1bb83751e8325342cba1b6b6044ac98ec1d9e14b63eac5603ec184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
etag
"64d28dd5-160"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
352
jwfloatingplayerdesktop.bundle.min.js
nypost.com/wp-content/plugins/nyp-video-player/build/ 		1 KB
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/jwfloatingplayerdesktop.bundle.min.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a3fdce8587c21fb3df135dc7761dd203b6883685d4f791045a673d7f1f59db47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd5-535"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
googima.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
778be0a20b795b24796a8bc78cad7d23ccbcf35d20d68c761527d57486605aaa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
via
1.1 varnish
age
62729
x-cache
HIT
content-length
21963
x-served-by
cache-mia-kmia1760020-MIA
last-modified
Mon, 22 May 2023 06:27:35 GMT
server
AmazonS3
x-timer
S1692017393.352061,VS0,VE0
etag
"b08808f5729ce90fddf682e101a9691b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
24225
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d43c598e2818c95943dae6325d770f93f7a2adf383d4df880766c077bfd0380

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
via
1.1 varnish
age
745
x-cache
HIT
content-length
19644
x-served-by
cache-mia-kmia1760020-MIA
last-modified
Wed, 26 Jul 2023 19:06:21 GMT
server
AmazonS3
x-timer
S1692017393.352520,VS0,VE0
etag
"33991e5d8ab91e3099e980e873ac383e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
546
gapro.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/gapro.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4b924a35823385fe5d1fbf922aa99d0e37d3aa5b08c30ed3517516e3515c6be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
via
1.1 varnish
age
7061157
x-cache
HIT
content-length
1655
x-served-by
cache-mia-kmia1760020-MIA
last-modified
Mon, 22 May 2023 06:27:33 GMT
server
AmazonS3
x-timer
S1692017393.352247,VS0,VE0
etag
"13ccc48bd1c0243599a5885433bb0ad8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
136080
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		317 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f25b68cae995caaaaea17d890f255f8863419c6126a53322bb4469053acfc4c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
via
1.1 varnish
age
7061158
x-cache
HIT
content-length
84863
x-served-by
cache-mia-kmia1760020-MIA
last-modified
Mon, 22 May 2023 06:27:29 GMT
server
AmazonS3
x-timer
S1692017393.352274,VS0,VE0
etag
"3141cfbc04d2f12e7e4047ffd289780c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
427206
jw-player-skin.min.css
nypost.com/wp-content/plugins/nyp-video-player/build/css/ 		1 KB
561 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/css/jw-player-skin.min.css?4b14b722bb788c325d45
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bd88b201f70def5559b62fe89e32bec4d0b0ac706cf657a5251ae6f1711b0d06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d28dd5-57c"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		412 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5172dcf83f6d622751ea688d1ba4b507d54e3eeed9e933ac38f87ada5ecc87fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
via
1.1 varnish
age
7061158
x-cache
HIT
content-length
125992
x-served-by
cache-mia-kmia1760020-MIA
last-modified
Mon, 22 May 2023 06:27:32 GMT
server
AmazonS3
x-timer
S1692017393.357211,VS0,VE0
etag
"4f4459c52455c57a5490992cac29595d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
301675
pyz4pvc.css
use.typekit.net/ 		2 KB
873 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/pyz4pvc.css?ver=fff68af0505af779fefa
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6f8b2b91c0a7c18a0eafd67bcaa80fdb350695ecc4d866f71728c74a8f886598
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 14 Aug 2023 12:49:53 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
650
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4113ebc97841fdd4d6079742098c029077897bc029ae5e724a293fc1053a88c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8163e7149db361ed14b7555bca382bdd8f5d1c6ee6d33f9434a83c2f0420cff2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/988380111/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/988380111/?random=1692017393285&cv=9&fst=1692017393285&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&tiba=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&hn=www.googleadservices.com&us_privacy=1---&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a217ac70727c09f126d43089c261ea3d780f97fafcef709bace1ea27f42ff45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1426
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.js
cdn.parsely.com/keys/nypost.com/ 		81 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/nypost.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
2c49cb962ef8cde4b20f4c74d091646c3cd6189d05363f9082bb73f4d3d5dc74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
public
date
Mon, 14 Aug 2023 07:06:42 GMT
content-encoding
gzip
via
1.1 ad22d4e4410fd07809425488bf6e79be.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jul 2023 18:05:06 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
20591
etag
W/"64c00ed2-144b5"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
OKtqiM0sw2mn30zfsrHlVCtBW4Ix91EgILtvXxX4f38jTlS7uuUMfQ==
expires
Tue, 15 Aug 2023 07:06:42 GMT
sp_v2_17012023.js
storage.googleapis.com/nchq-nyp-nid/prod/ 		73 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/nchq-nyp-nid/prod/sp_v2_17012023.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2010 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
113a51e486fa9882fd4345ba3c1b3e7d4c99e858f6a37e4479d41305fd32b114

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:24:16 GMT
age
1537
x-guploader-uploadid
ADPycdtP2aW8Pw4amwt3d9YdBoVO7gwIMfzEVhCsPeeK0bsYwQt2UxNArwjocj5_fOXtgpWHJg7Qoi_3WYR3WH2ok6G3pA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74301
last-modified
Tue, 17 Jan 2023 10:26:28 GMT
server
UploadServer
etag
"f5f9bf87bd245875dc96c326d0ffb77e"
x-goog-generation
1673951188412522
x-goog-hash
crc32c=OrhIzA==, md5=9fm/h70kWHXclsMm0P+3fg==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
74301
accept-ranges
bytes
expires
Mon, 14 Aug 2023 13:24:16 GMT
js
www.googletagmanager.com/gtag/ 		244 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DZ7LHF5PZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d30e9fe8c6581baecfae8f6f2ea1dce892f66a99554097d88655bcd792cea131
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85174
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 14 Aug 2023 12:49:53 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xx897lTVYGjMQiwuGCrzDA==
age
12420
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:55 GMT
server
cloudflare
etag
0x8DA87805972EF22
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
76a6d10c-f01e-00ad-3fe1-5af88c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f6952050da40a1a-MIA
otPcPanel.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 		64 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Kw22gRKC0ogRtsT2RwAR9Q==
age
17921
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13290
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:57 GMT
server
cloudflare
etag
0x8DA87805AF0078C
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0a721946-b01e-010f-0ee1-5a7345000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f6952050da50a1a-MIA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 		22 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 14 Aug 2023 12:49:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
B55i3ZY9miZIaUrwjufy0w==
age
50401
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
fcd7a89c-501e-0105-61e1-5a6acc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f6952050da70a1a-MIA
l
use.typekit.net/af/384d9b/00000000000000007735bb6a/30/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/384d9b/00000000000000007735bb6a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pyz4pvc.css?ver=fff68af0505af779fefa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1047020444e0f9d5830f2d569440909a6aaf61ef5b6db572bc3b9987f4b4f741

Request headers

Referer
https://use.typekit.net/pyz4pvc.css?ver=fff68af0505af779fefa
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
server
nginx
etag
"23427917d6d72688888854d7151dc7962d8d8301"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25828
l
use.typekit.net/af/fcc1c9/00000000000000007735bb6c/30/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/fcc1c9/00000000000000007735bb6c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pyz4pvc.css?ver=fff68af0505af779fefa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c8303d94c22f8d08a2bbf554557afbb554161aa594d248b2c77286b1d3c98252

Request headers

Referer
https://use.typekit.net/pyz4pvc.css?ver=fff68af0505af779fefa
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
server
nginx
etag
"4a18a3989731aaa007ed313e06dcae2e9eeac63d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27920
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ 		438 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 05:55:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
180114
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Aug 2024 05:55:34 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?bannnerid=400989_advertisement_
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:05:09 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 d3041c3025b9205db460853b5b9626bc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
7526684
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
u0NRUivrBiLYue1u8clY3ocV5__JtG-O7YmcT1GhF0eher2LvlOhiQ==
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: nypost-com.videoplayerhub.com
URL: https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:49:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1087873
x-guploader-uploadid
ADPycdt49IsmxBuBTzmmtWUHcXB3tppsbxDX6RE0h_Fan5GgWtQEApS-Yf9KEpRH5H_WYUCyU_wcsy0ySssKc7-3dLKVTQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8GCO86a%2FsEv004YAUphhWq4818ZIIhTFCxgCvlmQ%2B1n%2FAjoWR4GwVWsoqrUFsNlkaM9HjSWe5nWOmXyMPrDTraqsMW0UoAGGLZDyk%2BsPPYIr2EKl4CHEwC5mMcuPoKBF2lr%2B1bp8WLxTUyCBw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7f6952060c774c2c-MIA
expires
Tue, 01 Aug 2023 23:29:12 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.166 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 20:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Aug 2023 20:26:43 GMT
px.gif
ad-delivery.net/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.23818712708311773
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1087873
x-guploader-uploadid
ADPycdt49IsmxBuBTzmmtWUHcXB3tppsbxDX6RE0h_Fan5GgWtQEApS-Yf9KEpRH5H_WYUCyU_wcsy0ySssKc7-3dLKVTQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0h6uBVHFxP9NPptXXE6Vw%2FRcmbeTeaLBuqjzD9HLds2Cc0%2BAa5VHQzDXdF4IDU3vYzXoo%2B3eV7Ppn0%2Fo7LCphC2rNxJGk9lLehf%2F6irA21dSiksmap%2BrGBupfQoDcPFBeVUTXFk%2FAsQoF8wSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7f6952060c794c2c-MIA
expires
Tue, 01 Aug 2023 23:29:12 GMT
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=163456144&post=26570027&tz=-4&srv=nypost.com&hp=vip&host=nypost.com&ref=&fcp=1028&rand=0.3995997582234809
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:49:53 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
metrics-reporter-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/metrics-reporter-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1212aebf052f6f8132cec9e511eb780c9eb9efbaea9805ed1308e8c480fefcf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 09:15:23 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
Lc9IClDvQHQ0VBmE3t9vUdsJzpPE0FkA
x-amz-cf-pop
JFK52-P1
age
1913671
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
12544
last-modified
Wed, 19 Jul 2023 12:42:55 GMT
server
AmazonS3
etag
"655aaf364a6920cfc8747a0f92755cd2"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
z6Xqz33Bb5xQqqFBDSSsIxme0JbRe1HetCMxT-GtvMTIl5_Fr2lpLQ==
181-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/ 		161 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/181-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
622d8b20aff13a9a96cecc1eff31d5336fa29a8fb3f4c97ef3a184217dc6c103

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 09:15:23 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
OcYr30t6nm0oYgmNZ8FH9mzwjw9GSGjM
x-amz-cf-pop
JFK52-P1
age
1913671
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
45269
last-modified
Wed, 19 Jul 2023 12:42:54 GMT
server
AmazonS3
etag
"ed83c71c15f3706f1bbb29e0fb6688cb"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
E93QLxvMXcgoehKjYcCZ-nELS2fwm_GKqilltdkw4d8bruSRzU-EGw==
shell-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/ 		93 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/shell-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fd1bc93f7212dbd99739cfd9fd1607fbfdf193efdd761bd7b8d82cb0877453f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 08:01:02 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
9GliLRnk.aWaXjvu.3sFrMGjcmuVb8Ou
x-amz-cf-pop
JFK52-P1
age
1745332
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
20969
last-modified
Wed, 19 Jul 2023 12:42:55 GMT
server
AmazonS3
etag
"436870643d6a48a678c2398097e0fc9d"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
M-iCm9b2d8uC4xDLOEGLuyU4Lga3aJtqwBoU6qtPGC72v6xhjXv_Qw==
ncg.js
us.tags.newscgp.com/prod/ncg/ 		163 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.tags.newscgp.com/prod/ncg/ncg.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-36.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a7e1baabdf40ac4f280d17a95f3798ebea8161a555d4ee1b698cc67cfc3a8e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 04:54:01 GMT
Content-Encoding
gzip
Via
1.1 8ab0aef6448b5ee7c8ac1a76da988556.cloudfront.net (CloudFront)
Last-Modified
Wed, 26 Jul 2023 13:22:15 GMT
Server
AmazonS3
X-Amz-Cf-Pop
EWR53-C1
Age
28553
x-amz-server-side-encryption
AES256
ETag
W/"5bb224f7c74d23414a70df8e4b5672c8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
CgKNVXKPeMyajaOSrqmbKhzyP7beNWkJbKM6Lx0XBtOcAbxzrS5wQA==
a-01qt.min.js
b-code.liadm.com/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-01qt.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:a000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c204fa2213c75a59ca23145d972a116ad271a68f2d8878070a0b8d0b12b6d98b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:11:05 GMT
content-encoding
gzip
via
1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
9528
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
W6dZCeWsn11uQsF1shEUoH3PaokxwGP5c-WyWLTR-xa-jzNbbaNsXQ==
tr
www.facebook.com/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=905617079525218&ev=ViewContent
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 14 Aug 2023 12:49:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
config
platform.datazoom.io/beacon/v2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://platform.datazoom.io/beacon/v2/config?configuration_id=d6ee0345-1775-424f-9589-5be490675ddc
Requested by
Host: platform.datazoom.io
URL: https://platform.datazoom.io/beacon/v1/config?configuration_id=d6ee0345-1775-424f-9589-5be490675ddc&ver=731dbefa1f90243b01b5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.65.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-65-5.compute-1.amazonaws.com
Software
/
Resource Hash
d0828341c0710f02e5a7400db548207eaf5e9220fea352fce5502ab3849e6a6f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:49:53 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
wExvYnLyEeyygEIIgluVXw.json
entitlements.jwplayer.com/ 		69 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/wExvYnLyEeyygEIIgluVXw.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.228 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mic/9B27) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
last-modified
Mon, 14 Aug 2023 12:48:11 GMT
server
ECAcc (mic/9B27)
age
102
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=6660
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		345 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e2f3ea6e601012859abbc5da7eef35d1cf45011a0275cd9a86dbd0f7fd4101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121804
x-xss-protection
0
expires
Mon, 14 Aug 2023 12:49:53 GMT
truncated
/ 		956 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d799b8d6ab02987525e8b6762b44750c198a6f6a3f9e7753473ddef8094c83e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
www.google.com/pagead/1p-user-list/988380111/ 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/988380111/?random=1692017393285&cv=9&fst=1692014400000&num=1&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&tiba=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&fmt=3&is_vtc=1&random=2874873579&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p1.parsely.com/px/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/px/?rand=1692017393936&plid=617e9bc7-c200-4042-b362-266166e83f3f&idsite=nypost.com&url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely%3Ametadata-detection%22%3A%7B%22version%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.foxbusiness.com%2Fpolitics%2Fsecret-service-tracking-onlyfans-pinterest-twitch-websites-documents-reveal%22%2C%22hash%22%3A-1710210594%7D%7D&sid=1&surl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&sref=&sts=1692017393906&slts=0&title=Secret+Service+tracking+Onlyfans%2C+Twitch%2C+Pinterest+websites&date=Mon+Aug+14+2023+02%3A49%3A53+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=3ce83885-3ae5-426a-982d-306953618349&u=pid%3D29d8e12a-bdce-43f1-adac-e50b2e3fff4d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:54 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
js
www.googletagmanager.com/gtag/ 		244 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DZ7LHF5PZ
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b16edd5668ea1f58ddfcfd7d2b4ae5fb7d3c99347cdf4a39de7304601c1fb98d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85149
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 14 Aug 2023 12:49:54 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 12:27:56 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1318
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 14 Aug 2023 14:27:56 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:28:12 GMT
content-encoding
gzip
via
1.1 23c9ec01b6f4151f654547c0190aeebe.cloudfront.net (CloudFront), 1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront)
last-modified
Thu, 10 Aug 2023 20:50:38 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
1303
x-amz-server-side-encryption
AES256
etag
W/"93708b50a97059783aafdf3c6548167d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
El73yrLeP00yPhHmIG8k8xh7J-azu3WF7qKFw-l-kPT0vEV5SCs--Q==
i.js
tag.bounceexchange.com/2045/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/2045/i.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
db12975962631f4072b35e95c67a12bf02290ae8d23e8caf46deac685bcb3930

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:48:54 GMT
content-encoding
gzip
via
1.1 google
age
60
x-envoy-upstream-service-time
1
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5525
server
istio-envoy
etag
20adf2ec15248f
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
pushly-sdk.min.js
cdn.p-n.io/ 		303 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=lGrO4sEYCy0zUu2DRBSBxuOWIGo8lGqPv8wE
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f33b318af6daf1ac1e6a7cea2758f883542c8c6378f02346fa9ce844747db6fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:43:03 GMT
content-encoding
gzip
via
1.1 76d4de5b65bdf749a3f97445d1b9f4d2.cloudfront.net (CloudFront)
last-modified
Sat, 05 Aug 2023 00:50:18 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
412
x-amz-server-side-encryption
AES256
etag
W/"f0fe82b767b1b4fd095fcdd0f33b68f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
x-amz-cf-id
zs2Z8EF00ADTmdKvzBFwnqfFnmHU0uIydIl3gDSJj5Tc8wToZsqXcw==
newscorpjs-1f38g3
segment-data.zqtk.net/ 		23 B
330 B 		Script
General
Check archive.org
Download Go to
Full URL
https://segment-data.zqtk.net/newscorpjs-1f38g3?url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.119.46 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-119-46.compute-1.amazonaws.com
Software
nginx /
Resource Hash
558eb4d6de8f263a292d618186ac5d1270fdf3718f2b52277cb2ccf6cdfe6158

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:54 GMT
Last-Modified
Sun, 13 Aug 2023 19:35:12 GMT
Server
nginx
Content-Type
application/javascript; charset=UTF-8
X-Result-Id
CqTKW-3pkcz
Cache-Control
max-age=30
Connection
keep-alive
Content-Length
23
Expires
Mon, 14 Aug 2023 12:50:24 GMT
93051X1547088.skimlinks.js
s.skimresources.com/js/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/93051X1547088.skimlinks.js?ver=1.0.0
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
6ad8f8c68fcd3042d30a385f8476c8ea8b6d53c8e3812e35b567f9bbb6bed177

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
content-encoding
gzip
last-modified
Mon, 12 Jun 2023 15:01:45 GMT
server
AmazonS3
x-amz-request-id
ZS9NWDCFYNRZ0NE0
etag
"2e4d1cc7479d136c7f4a0a10049a94c9"
x-hw
1692017394.cds204.mi1.hn,1692017394.cds039.mi1.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
16136
x-amz-id-2
wWHf1x8Cj25h7fjxOlfhdMgkeXVYNLpwnbhXijT4mKLSo3S7eqUPW2KuTXLeGaugwgWQOSfuZQ0=
outbrain.js
widgets.outbrain.com/ 		233 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5cdc58750167d7d4b95f6da1287723217f30edf895789d91d95e2bc565873f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
content-encoding
gzip
last-modified
Mon, 14 Aug 2023 08:43:38 GMT
etag
"385-ma7xSRXR6BJKfqG/q1t+4eBbkHA"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
ac7db284e6642d4d806c6b0431df08b4
timing-allow-origin
*, *
content-length
86098
access-control-request-headers
X-OB-STG,X-OB-PRD
index.js
nypost.com/wp-content/plugins/nyp-aqfer/build/global-uid2/ 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-aqfer/build/global-uid2/index.js?ver=20fbeb0578e2bd852934
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dc94c296cb4803ab1e1a492dc553b3c487adf23247708330dce7b7f09d05609f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:48 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd4-4ff"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
index.js
nypost.com/wp-content/plugins/nyp-aqfer/build/global-aqfer/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-aqfer/build/global-aqfer/index.js?ver=b310e3eb23c1ec20bfcc
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
38c980c78bb071575a1684a76b7736c9fa3d58de5ef883184c5263001c701951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:48 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d28dd4-1187"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/ 		389 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e1108d8337773ea47d4f9d3fa841339d918b2722ff1c87fee7e8a1194c03a73

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
0cf17917-395b-4f25-91cc-db3bdd6044b0
age
0
x-guploader-uploadid
ADPycdvtitteiEv5b4upccmT7gLzYZWJUC3Vyoq6CWuM4KUau4QltLvpwKferOlrnIwKDOO4dq88fRFHkC2UXwxXnZZ2kQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Fri, 04 Aug 2023 14:26:10 GMT
server
cloudflare
etag
W/"cd38b80a9f28dfc8af8597903b4e06c6"
vary
Accept-Encoding
x-goog-generation
1691159170960516
content-type
application/javascript
x-goog-hash
crc32c=nbJN7w==, md5=zTi4Cp8o38ivhZeQO04Gxg==
cache-control
public, max-age=900
x-goog-stored-content-length
114726
timing-allow-origin
*
cf-ray
7f695209cdf06dd4-MIA
expires
Mon, 14 Aug 2023 13:04:54 GMT
op.js
tagan.adlightning.com/nc-nypost/ 		47 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/op.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81bd0df77dc7440397ca51114b1c136b79eef20fd7c2e36e82ebec07f393d337

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:33:19 GMT
content-encoding
gzip
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
x-amz-version-id
3unorUinh3Yembv8dsCoEmJNJS5ypTNA
x-amz-cf-pop
EWR53-C3
age
996
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
18852
x-amz-meta-git_commit
e09f10f
last-modified
Sat, 12 Aug 2023 11:31:52 GMT
server
AmazonS3
etag
"9da036e42d1215ea283081919f49b270"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
ihdvRcD33hmO-QsEXzoBVeu7xgbYFh0X6LxTR4J1g-XvHG4legtt0A==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		85 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d0201ae289abedb69462530b537bf214965f715981bfbc1332c8a4aa32e75ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28673
x-xss-protection
0
server
cafe
etag
802 / 19583 / 31076971 / config-hash: 9566803040182507923
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:54 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6390601/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
18.164.96.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-43.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:04:41 GMT
content-encoding
gzip
via
1.1 eb2e4893b47f0d155cd51b82c2a8d596.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 09:10:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
38714
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
N3lDTqJzsClDKDLZRb-DNTCus_5rR25mCQpZEMnv-9q6ThjQ5vR14g==

Redirect headers

date
Mon, 14 Aug 2023 12:49:54 GMT
via
1.1 eb2e4893b47f0d155cd51b82c2a8d596.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
ZpQUt4cEC4cyzp6DKrWOISHuRQUCMqNtevGKosW1sT6NPf0WSInP7g==
native-loader.js
video.unrulymedia.com/native/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native-loader.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:184e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39b8eb6f627d2b3b6087c9b80548a1822bfd63f5dcea868f996a4c5e0932863e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
x-amz-version-id
z_dySaxByB9wbNOD5Bjh5jqsWk6A7Mwx
cf-cache-status
HIT
x-amz-request-id
GF8GEYZWAJWWCY6E
age
4401
content-length
6659
x-amz-id-2
d+RgnIBCVZt2ZWRolz+CqlDUJL09unyyqXNx2aa1/ZQaR8mz+KfIZPafovBiJ6Xl9OrrzTRjmw4=
x-amz-expiration
expiry-date="Tue, 13 Nov 2029 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 14 Nov 2022 15:41:58 GMT
server
cloudflare
etag
"aa008fe9bcc41b4a3eb716f1d30027b2"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7f69520a89d18dae-MIA
expires
Mon, 14 Aug 2023 16:49:54 GMT
zerg.js
www.zergnet.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/zerg.js?id=33405
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.73.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-73-124.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bfd73655552ce0e5e0587417bf9d08a6b1df69a425a569862454e7f883273628

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Mon, 21 Aug 2023 12:49:54 GMT
date
Mon, 14 Aug 2023 12:49:54 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=UTF-8
download.png
cdn.cookielaw.org/logos/8930e991-baac-4a05-89f0-fc400879fa8a/3ebfa577-6728-4367-9384-2639ca4927aa/6777f08f-0b13-4889-8756-c821baee465b/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/8930e991-baac-4a05-89f0-fc400879fa8a/3ebfa577-6728-4367-9384-2639ca4927aa/6777f08f-0b13-4889-8756-c821baee465b/download.png
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b616694f1262a8d042679be7f51e1b2a401bdd34329f6b72b164dd49cc4961
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 14 Aug 2023 12:49:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7T3i6T4EXjFFdT0Pyanf0w==
age
20943
content-length
24499
x-ms-lease-status
unlocked
last-modified
Wed, 19 Apr 2023 18:21:04 GMT
server
cloudflare
etag
0x8DB4102D60FBC53
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
266c7acf-601e-012f-05ec-721f89000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f695209c9a78dfc-MIA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 14 Aug 2023 12:49:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
14744
x-ms-lease-status
unlocked
last-modified
Thu, 10 Aug 2023 17:49:56 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d964fdaa-501e-0022-6cb5-cbfc9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f695209c9aa8dfc-MIA
getEpochMillis
broker.datazoom.io/broker/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://broker.datazoom.io/broker/v1/getEpochMillis
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.55.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-55-225.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
cache-control
access-control-allow-methods
POST,OPTIONS,HEAD,GET
access-control-allow-origin
*
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 14 Aug 2023 12:49:54 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
getEpochMillis
broker.datazoom.io/broker/v1/ 		30 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://broker.datazoom.io/broker/v1/getEpochMillis
Requested by
Host: platform.datazoom.io
URL: https://platform.datazoom.io/beacon/v1/config?configuration_id=d6ee0345-1775-424f-9589-5be490675ddc&ver=731dbefa1f90243b01b5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.55.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-55-225.compute-1.amazonaws.com
Software
/
Resource Hash
063d2750f41b88f89b69d29f07378e23b4f95f51992ca1767567f73b4927ce53

Request headers

cache-control
no-cache
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:49:54 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
country
api.btloader.com/ 		16 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: nypost-com.videoplayerhub.com
URL: https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=TvVoOnDOCF&w=5766767856058368&o=5747039208996864&cv=2.1.17-2-g0b33bd3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&sid=SbI0eTQh&upapi=true
Requested by
Host: nypost-com.videoplayerhub.com
URL: https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:49:54 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
i
sac.nypost.com/ 		43 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sac.nypost.com/i?stm=1692017394237&e=pv&url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&page=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&eid=4e079dc2-eccc-4e7a-814c-604a123deb2a&tv=js-3.8.0&tna=_nyp_nid&aid=ncg-nyp&p=web&cookie=1&cs=UTF-8&lang=en-US&res=1600x1200&cd=24&tz=Pacific%2FHonolulu&dtm=1692017394233&vp=1600x1200&ds=1600x6371&vid=1&sid=2f9b4024-b327-4809-9fcc-8756fd09ca4d&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ubmV3c2NncC9hcnRpY2xlL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7ImFydGljbGVfaWQiOiIyNjU3MDAyNyIsImFydGljbGVfc291cmNlIjoiRm94IEJ1c2luZXNzIiwiYXJ0aWNsZV9wdWJsaXNoZWRfdGltZSI6IjIwMjMvMDQvMTMgMDQ6MzU6MDMiLCJjb250ZW50X3R5cGUiOiJhcnRpY2xlIiwic2VjdGlvbiI6Im5ld3MiLCJzdWJzZWN0aW9uIjoic2VjcmV0IHNlcnZpY2UiLCJzdWJzdWJzZWN0aW9uIjoiIiwic3Vic3Vic3Vic2VjdGlvbiI6IiIsInN1YnN1YnN1YnN1YnNlY3Rpb24iOiIiLCJhcnRpY2xlX3BhaWRfY29udGVudF90eXBlIjoiIn19LHsic2NoZW1hIjoiaWdsdTpjb20ubmV3c2NncC9ha2EvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsidXNlcl9pZCI6IiIsInVzZXJfcHJvdmlkZXIiOiIiLCJ1c2VyX21lbXR5cGUiOiJhbm9ueW1vdXMiLCJ1c2VyX25ld3NsZXR0ZXJfaWQiOiIiLCJ1c2VyX25ld3NsZXR0ZXJfcHJvdmlkZXIiOiIiLCJicm93c2VyX2RtcF9pZCI6IiIsImJyb3dzZXJfZG1wX3Byb3ZpZGVyIjoiIiwiYnJvd3Nlcl9hZHNfcHBpZCI6IiIsImJyb3dzZXJfYWRzX3Byb3ZpZGVyIjoiIiwiYnJvd3Nlcl9hbmFseXRpY3NfaWQiOiIiLCJicm93c2VyX2FuYWx5dGljc19wcm92aWRlciI6IiIsImJyb3dzZXJfbmNnX2lkIjoiIn19LHsic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiI2ZDlmODg0Yi1lNzg5LTRiOTUtOWU5ZC01YmRlZmM2YjI4ZjQifX1dfQ
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/nchq-nyp-nid/prod/sp_v2_17012023.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.220.19 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.220.110.34.bc.googleusercontent.com
Software
akka-http/10.2.7 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
via
1.1 google
server
akka-http/10.2.7
content-type
image/gif
access-control-allow-origin
https://nypost.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
config
prebid.media.net/rtb/prebid/analytics/ 		69 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid/analytics/config?cid=8CU3I8M1G&dn=nypost.com
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd53009baa81953a7b82428a4bd466c15dfadca2609b1915fa1a52afd4c03d30

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=900, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Mon, 14 Aug 2023 13:04:54 GMT
cookie.html
www.ncaudienceexchange.com/prod/ncg/ Frame C6E9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ncaudienceexchange.com/prod/ncg/cookie.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-38.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
8943
content-encoding
gzip
content-type
text/html
date
Mon, 14 Aug 2023 10:20:52 GMT
etag
W/"27a77bbc87eed7c50fbccf9c936e316d"
last-modified
Wed, 28 Aug 2019 23:03:03 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2f04b33f21912079fa9d6afaee0c5dd0.cloudfront.net (CloudFront)
x-amz-cf-id
gxgisp4i3bhMrdj365MSjBRKCbRHFqnNAGGCowPct1StMCZE85cAWg==
x-amz-cf-pop
EWR53-C2
x-cache
Hit from cloudfront
cookie.html
tags.realtor.com/prod/ncg/ Frame 334C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.realtor.com/prod/ncg/cookie.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-36.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
28561
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 14 Aug 2023 04:53:54 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 007ce3e1b06f57ef1a8d55f0923f723c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
cJC35jKkHjVuhjwhXrM4ylDr3hur3TV_CQdK_kubJbT3m-UYDFz3cQ==
X-Amz-Cf-Pop
EWR53-C1
X-Cache
Hit from cloudfront
cookie.html
tags.barrons.com/prod/ncg/ Frame F8BC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.barrons.com/prod/ncg/cookie.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-91.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
28561
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 14 Aug 2023 04:53:54 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 a74c33aabb438b6226856fa442878fa2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
6pNl39lr-XqMBfw0LpBP9SHmUJeUAu-a4pvxCHwKLK13sD4HxVBmlA==
X-Amz-Cf-Pop
EWR53-C1
X-Cache
Hit from cloudfront
cookie.html
tags.mansionglobal.com/prod/ncg/ Frame 63CA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.mansionglobal.com/prod/ncg/cookie.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-36.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
28561
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 14 Aug 2023 04:53:54 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 007ce3e1b06f57ef1a8d55f0923f723c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
X7UdAIP5EkFhiNnU8EaIo8KFZPIdmuHhP1oaAQZ3l4--IgyOdb8u2g==
X-Amz-Cf-Pop
EWR53-C1
X-Cache
Hit from cloudfront
cookie.html
tags.marketwatch.com/prod/ncg/ Frame 14B9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.marketwatch.com/prod/ncg/cookie.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-91.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
28561
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 14 Aug 2023 04:53:54 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
X-Amz-Cf-Id
PPuza7uYKwnk2J4QAmcNsQJhJVwKfFXRf1v3O_KPJl1-J5mRP4sAdA==
X-Amz-Cf-Pop
EWR53-C1
X-Cache
Hit from cloudfront
cookie.html
tags.wsj.com/prod/ncg/ Frame AD3D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.wsj.com/prod/ncg/cookie.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-91.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
28561
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 14 Aug 2023 04:53:54 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 95a7b3c60127f88f316c1c042cf353c2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
1v6CUCjEy2h5p8Q8uox3cOy376r4vnqStqF4aa929ziz75fVD1Z9Hw==
X-Amz-Cf-Pop
EWR53-C1
X-Cache
Hit from cloudfront
cookie.html
tags.decider.com/prod/ncg/ Frame 83CB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.decider.com/prod/ncg/cookie.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-10.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
28561
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 14 Aug 2023 04:53:54 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 6cf3377e93378c7e591abeecafea2e6a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
H3sk47GVFIV0e_oMETYx-lMUmA1IvZ_tCXIRq6DzTitip3KLcTy8FQ==
X-Amz-Cf-Pop
EWR53-C1
X-Cache
Hit from cloudfront
cookie.html
tags.pagesix.com/prod/ncg/ Frame 3264 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.pagesix.com/prod/ncg/cookie.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-10.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
28561
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 14 Aug 2023 04:53:54 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
X-Amz-Cf-Id
oKUY4ZlojNpVOGYyF4coAT_ILD2C4z7_0JzfuvrefisP5tzgTjk9bg==
X-Amz-Cf-Pop
EWR53-C1
X-Cache
Hit from cloudfront
cookie.html
tags.knewz.com/prod/ncg/ Frame 0C09 		0
0
cookie.html
tags.penews.com/prod/ncg/ Frame 2FF9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.penews.com/prod/ncg/cookie.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-36.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
33241
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 14 Aug 2023 03:35:54 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 5ec6b37107376867228d2ed46a794602.cloudfront.net (CloudFront)
X-Amz-Cf-Id
9Ci0QapkQfkGQBVK2Zocb6YLifzJh0tEf1aocZi7x9zCI4e3geLhSQ==
X-Amz-Cf-Pop
EWR53-C1
X-Cache
Hit from cloudfront
i
v2.pixel.newscgp.com/ 		43 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v2.pixel.newscgp.com/i?stm=1692017394376&e=se&se_ca=aka&se_ac=link%3Adomain&se_la=acced7cc-e7c0-4390-ae29-35396c2349c9&se_pr=nypost.com&eid=d704d571-01d2-4d79-81be-15c4b935a60d&tv=js-3.4.0&tna=_ncg__0&aid=newsconnect-global&p=web&cookie=1&cs=UTF-8&lang=en-US&res=1600x1200&cd=24&tz=Pacific%2FHonolulu&dtm=1692017394370&vp=1600x1200&ds=1600x6391&vid=1&sid=83b0ffdc-e8df-43d1-8c6a-21115ae84f1e&duid=acced7cc-e7c0-4390-ae29-35396c2349c9&url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiJhZTExNWI0Zi1kZjljLTRmZWQtYWEzYi1jNzQ2NjcxM2ZjYTMifX1dfQ
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.180.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.180.102.34.bc.googleusercontent.com
Software
akka-http/10.2.7 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:53 GMT
via
1.1 google
server
akka-http/10.2.7
content-type
image/gif
access-control-allow-origin
https://nypost.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
i
tags.nypost.com/cs/bounce/
Redirect Chain
  • https://tags.nypost.com/cs/sync/i
  • https://us.tags.newscgp.com/cs/sync/i?expiry_ts=1755089394312&origin=tags.nypost.com
  • https://us.tags.newscgp.com/cs/bounce/i?expiry_ts=1755089394312&origin=tags.nypost.com&fallback_id=b97c6e3e-5d02-4414-bea5-f504d547eb22.3.1692017394.1755089394312
  • https://tags.nypost.com/cs/bounce/i?expiry_ts=1755089394312&nuid=b97c6e3e-5d02-4414-bea5-f504d547eb22.3.1692017394.1755089394312
43 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.nypost.com/cs/bounce/i?expiry_ts=1755089394312&nuid=b97c6e3e-5d02-4414-bea5-f504d547eb22.3.1692017394.1755089394312
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
HTTP/1.1
Server
13.225.63.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-36.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:55 GMT
Via
1.1 16490f661d04b5f69e5cda7988ce930a.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
EWR53-C1
X-Cache
LambdaGeneratedResponse from cloudfront
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
H5OfA8EYs5c-p7hvUmLHh9VRJ5LExJpgekq8_l0uHOifEAOrBeP1UQ==

Redirect headers

Date
Mon, 14 Aug 2023 12:49:55 GMT
Via
1.1 8ab0aef6448b5ee7c8ac1a76da988556.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
EWR53-C1
X-Cache
LambdaGeneratedResponse from cloudfront
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Location
https://tags.nypost.com/cs/bounce/i?expiry_ts=1755089394312&nuid=b97c6e3e-5d02-4414-bea5-f504d547eb22.3.1692017394.1755089394312
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
W9bBaoKMVyG3NmOJvnBQIHA341HOG-zUwrfygfZejxXbQZgJyMhYwQ==
anchor
www.google.com/recaptcha/api2/ Frame 503E 		53 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=bwt9h2oraqm2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e1b409240e0e8c2b231f6fb53cb8d6161f13c3c380c6e1cccf2eab57a8523b18
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gpC9E756LqGMzaVCAIZuzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
30293
content-security-policy
script-src 'report-sample' 'nonce-gpC9E756LqGMzaVCAIZuzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:49:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sprite.svg
static-cdn.spot.im/production/icons/sprites/ 		24 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
pTYPLm0WXSUOn4wsgJLXLuv5LYGbB.2s
content-encoding
br
via
1.1 da8cb5b9fb94d7de03d8eaa20297debc.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 06:56:06 GMT
x-amz-cf-pop
JFK52-P1
age
21229
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 May 2023 11:40:02 GMT
server
AmazonS3
etag
W/"2a4e43326a158b47d0598571fd4099b6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-cf-id
OALUqrJVbRp1rlYvoAIBp6bWzH8-XsTCn7tOZPS2o_IB9BAO-sX4Fg==
device-load
api-2-0.spot.im/v1.0.0/ 		36 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
b3ce4d571ae95da3a6fed686eb4bde7d0d54d5fa1f8913b29e08e82b403f81a3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
content-length
36
x-guid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
Ckq1W4_8wVL8gkM55eZpflJe9Ca49Vcqhx5wyrJ79pKa4vC5t-O9SQ==
sync-container.js
b-code.liadm.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01qt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:a000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 10:11:05 GMT
x-amz-version-id
P2G05QRInXqMbYiaQAfs8F93v0Opxze8
content-encoding
gzip
last-modified
Mon, 24 Jul 2023 11:11:51 GMT
server
AmazonS3
via
1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
etag
W/"ae5e94de938b0387eda6df8f20da811a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=2592000
age
527929
x-amz-cf-id
BAFcmqbx2rMHFHzio3aWKyCiL9YEb8PUCVNwIka8I7troWjxO5PZBg==
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 14 Aug 2023 12:49:54 GMT
prebid
ib.adnxs.com/ut/v3/ 		143 B
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f22b62b3013e70a95dea269e3537500071d2de70839912ea420220d3fb04a8a0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:54 GMT
an-x-request-uuid
6b3b535b-e7cc-42c7-b6b3-11985489272f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
143
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.207.44.74 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
74.44.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8e3e20ca112b01c60deb0b6c402991d3c456fb2508ab206b8e7cfb5304dc7879

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 14 Aug 2023 12:49:54 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
84b849d4439de89b697d9a824f5837d503b0df9d63ce31729e2cf96d26852c52

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://nypost.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
Expires
0
unruly_prebid
targeting.unrulymedia.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://nypost.com
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:55 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=509523
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b87bb1163cd0e0d014117898793c9e359f9edafcfcbf263b1a81ec83f5ae91c3

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkJFBsSdWMhXVnLEHhIjfqfKRuYw3WJUQs48oSDi7w20SvU9LUv19JtVMnvqhM9j%2BZ4ue0DiDsFFBX6N%2Fr7rX%2BJQNngzdyfGEjh52%2BX3kDBkZZ5OjOfR807XnnGLX5wanhYSYfjj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f69520cfc898dd3-MIA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
auction
tlx.3lift.com/header/ 		19 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.39.0&referrer=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&tmax=6000&us_privacy=1---
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.84.197.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-197-253.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:54 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		177 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3105&u=https%3A%2F%2Fnypost.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
52a6c0dc3a72a1f3b7202d7f33fdb147db367ce8b44f86e791814a9f079a5735

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
via
1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
177
x-amz-cf-id
voBs849vJbyn2rK6pjC_MmR4Z9kzkHJ4sqmv5hpfK8oU6HxYyxGDlg==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223105%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223105%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnypost.com%252F2023%252F04%252F13%252Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.54.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-54-32.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
JS57T1WKGA0QM5628VTQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
10ehEC-n2H8Ishr3VXIYRFjjssmXU9EMnQQlF8K0v-QNqxSlqqRffw==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223105%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223105%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnypost.com%252F2023%252F04%252F13%252Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.54.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-54-32.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
6NC5MA0F5M3F5CMSYKB2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
stNwlRR-n6o23lUX-y9nmPpiqis78rn_-Cv-jOLHLPVWgaFMhwE-hw==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223105%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223105%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnypost.com%252F2023%252F04%252F13%252Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.54.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-54-32.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
QD9AKGPVRD89BJ4MRZY2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
pGZlkegMmFEoDotgGz4RWYmTB4mGOPMoaJStHzMMHpfIX76nAhhWCw==
bid
aax.amazon-adsystem.com/e/dtb/ 		221 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3105&u=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&pid=enBxaSzyeoPUQ&cb=0&ws=1600x1200&v=23.725.1446&t=1500&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-rec_atf%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x251%22%2C%221x1%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-billb_atf%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22978x250%22%2C%221x1%22%2C%221x11%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rec_btf%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x252%22%2C%22300x600%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rec_widget%22%2C%22s%22%3A%5B%22300x255%22%2C%22300x250%22%2C%22300x600%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-custom%22%2C%22s%22%3A%5B%221x12%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-skin%22%2C%22s%22%3A%5B%221x2%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-inline%22%2C%22s%22%3A%5B%221x7%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-overlay_fullpage%22%2C%22s%22%3A%5B%221x4%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-native%22%2C%22s%22%3A%5B%221x6%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.54.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-54-32.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
56ca4f4ce6bd0aca06c71ca0202571897e0456a97a587e80827afb33fed418c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
via
1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
221
x-amz-cf-id
ziAYIx1w7aX_9IFwyyQMZ4aK2ME_rlzAW55UHDu02kW108PuHzCNcQ==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223105%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223105%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnypost.com%252F2023%252F04%252F13%252Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.54.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-54-32.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
CSHFCE4H9PDY9WVQJTD0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
p_UY3UACqGnSHxTQ_ukTcdYXWASzgC6tF0hrAnVoa9cRoq8FCPjiFA==
bid
aax.amazon-adsystem.com/e/dtb/ 		221 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3105&u=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&pid=enBxaSzyeoPUQ&cb=1&ws=1600x1200&v=23.725.1446&t=6000&slots=%5B%7B%22id%22%3A%22videoSlotName1%22%2C%22mt%22%3A%22v%22%7D%2C%7B%22id%22%3A%22videoSlotName2%22%2C%22mt%22%3A%22v%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.54.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-54-32.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
1999dbeed949fa2152858c559d7ef95be2dae83bed0f1195e4c3569c0d2b9728
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
GHRHEF258AY1ZAKPNKFY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
221
x-amz-cf-id
yFT3K5rvjmzHMzqZ4rJeUE4EK0rFlbvp1mlLINKdMQTEH7_zB340kQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 11:51:28 GMT
x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
3507
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
aQa_opoCuR-wL6xHqUPGX2YvcNeyd9tJWe0vX4aa7VlzpF-CBaVBZw==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223105%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
413 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223105%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnypost.com%252F2023%252F04%252F13%252Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.54.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-54-32.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
V6D21M7WAZ3JD69KKS8C
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
plBIHpRkRkMNii66-dfoHDaxRuc3_0QAEtgvFD5grFS5Fxu4oL9OsQ==
styles__ltr.css
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 503E 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=bwt9h2oraqm2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 19:50:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 10 Aug 2024 19:50:08 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 503E 		438 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=bwt9h2oraqm2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 05:55:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
180114
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Aug 2024 05:55:34 GMT
runtime_b4ad65fa381da0648767eee58152de5e.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_b4ad65fa381da0648767eee58152de5e.br.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/2045/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8c0918c9505f3e9e1a402db8a8fd2134d799af574e639a3965a0a28ded8cc0b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 19:01:04 GMT
content-encoding
br
age
1100930
x-guploader-uploadid
ADPycds5-iLiJPpxZLTrkuPGHDmm3PObdpvBWjgBHoFWD6RsObmXqxQ4sx5sTqSVCx1Bu91EZ_yPxPTBSvX6wq6DOXGtsw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
677
last-modified
Mon, 31 Jul 2023 21:36:01 GMT
server
UploadServer
etag
"eefae9361af612ce4ba4df40b85e8e22"
x-goog-generation
1690839361326372
x-goog-hash
crc32c=/u+Zbg==, md5=7vrpNhr2Es5LpN9AuF6OIg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
677
accept-ranges
bytes
content-type
text/javascript
tcs.dhj
t.nypost.com/1/e/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.nypost.com/1/e/tcs.dhj?dmn=nypost.com
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-aqfer/build/global-aqfer/index.js?ver=b310e3eb23c1ec20bfcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-8.jfk50.r.cloudfront.net
Software
/
Resource Hash
1e1bebd59e4649e258296b9ba145e36fa40b099cce03ddbdc11fcb1eaeb4ee4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0ac640943c2918c03a0350f4e8b083a8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
private, max-age=3600
x-robots-tag
noindex, nofollow
content-length
1470
x-amz-cf-id
TeTBQgsFJCBg4m_OwTYZiiH9gVguzUVfmw993JOKdubXduclRWOdAg==
expires
Mon, 14 Aug 2023 13:49:54 GMT
robots.txt
t.skimresources.com/api/v2/ Frame BFB1 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4808754495638454
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
via
1.1 google
cache-control
private, no-store
server
Python/3.10 aiohttp/3.8.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=10.843251493051692
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 14 Aug 2023 12:49:54 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=10.843251493051692
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 14 Aug 2023 12:49:54 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
skin.js
player.aniview.com/script/custom/unruly/outstream/ 		58 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/custom/unruly/outstream/skin.js?site_id=622640
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1402:b800:78d::2c79 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
250e2915fe1cc935369030d50d2ed1ffae880c8c984f8f8557c5f1600a7bfa68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtXT9DSaalHR6p-q9vkJQeqmKIv7rmRDVJSRF--u7vcm-mP0fJpNX14DrqQ4-tqU2gp7hPn3pcPPLf0trUiZIBvSEpjUQh9
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
13166
last-modified
Fri, 03 Feb 2023 12:20:02 GMT
server
UploadServer
etag
"bf7c4b787feae0241663d6bdd96d320c"
vary
Accept-Encoding
x-goog-generation
1675426801992604
content-type
application/javascript
content-language
en
x-goog-hash
crc32c=kXKgiA==, md5=v3xLeH/q4CQWY9a92W0yDA==
access-control-expose-headers
Content-Type
access-control-allow-origin
*
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
13166
accept-ranges
bytes
expires
Mon, 14 Aug 2023 12:59:54 GMT
pixels
aniview-diag-server.1rx.io/ 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aniview-diag-server.1rx.io/pixels?adslotid=189f41884314621a74c6cd8&siteid=622640&iframe=false&siteenv=html&page=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&clientver=1.0.0&pageloadid=189f418843137656f4c9900&cb=1692017394737&event=tag_load&message=Ani%20View%20Wrapper%20load%20on%20the%20page&event_time=2023-08-14%2012%3A49%3A54
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.127.206.102 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
content-length
0
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6390601&cs_it=b8&cv=3.6&ns__t=1692017394739&ns_c=UTF-8&cj=1&c7=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pintere...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6390601&cs_it=b8&cv=3.6&ns__t=1692017394739&ns_c=UTF-8&cj=1&c7=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinter...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6390601&cs_it=b8&cv=3.6&ns__t=1692017394739&ns_c=UTF-8&cj=1&c7=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&c8=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&c9=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
18.164.96.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-43.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
via
1.1 eb2e4893b47f0d155cd51b82c2a8d596.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
cVq1WzqgwvBMq17T3Lpyd0wwLRrHxoY7WgpcMBPld8lJhY5rrYcyfQ==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 14 Aug 2023 12:49:54 GMT
via
1.1 eb2e4893b47f0d155cd51b82c2a8d596.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6390601&cs_it=b8&cv=3.6&ns__t=1692017394739&ns_c=UTF-8&cj=1&c7=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&c8=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&c9=
content-length
0
x-amz-cf-id
CjEmSTtcw6AMiZiiGtgbr43-k8HKgrQ2QPtq1R71fzA2hpn7KhXkmQ==
b-e09f10f-a7b8af42.js
tagan.adlightning.com/nc-nypost/ 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e68d4edfd3b5b56d6eed01e4eb7dbf84b09cbedf45b75e469efd0037d1f18e8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 04:25:16 GMT
content-encoding
gzip
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
x-amz-version-id
6k5eMeThttbKLkbqFc7t6mVojRaDpPI7
x-amz-cf-pop
EWR53-C3
age
30279
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30187
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:32:15 GMT
server
AmazonS3
etag
"e38307f2b2c7da81aa3de8af486f6e21"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
L2L7cUWYA8xCsFLfH7asB0NR9QD70mwixjs8WZoJ27VXMovu4E8buQ==
bl-0211e21-8e8d3089.js
tagan.adlightning.com/nc-nypost/ 		70 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-0211e21-8e8d3089.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bdec2c2ad47a9294d4692739fe33d05a37b89967be1e597306be24bb84515c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 04:25:16 GMT
content-encoding
gzip
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
x-amz-version-id
ZzPD82MtfkyzXFf5Yjqqbf_nNhzd6ury
x-amz-cf-pop
EWR53-C3
age
30279
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30114
x-amz-meta-git_commit
0211e21
last-modified
Sat, 12 Aug 2023 11:31:12 GMT
server
AmazonS3
etag
"db9187ac33943a893b5ebac7e271ab39"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
NYd1B6-dJBfty6FkyAsQCfl5aYa-ztkCDAezhZ4uJuaU5gW1dD400g==
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:34:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
899
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 14 Aug 2023 13:34:55 GMT
publisher:getClientId
ampcid.google.com/v1/ 		3 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
ob_extra_injections.js
widgets.outbrain.com/keystone/injections/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/keystone/injections/ob_extra_injections.js?e=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8f6e1c5cf951a248d57f249395b07aeaaaff351fcc118d5ef0da05de5e642cb5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 14 Aug 2023 12:49:54 GMT
content-encoding
gzip
content-length
1813
last-modified
Wed, 26 Jul 2023 13:21:49 GMT
server
AkamaiNetStorage
etag
"2214623448090610e00b44c2c239442d:1690378104.417626"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 14 Aug 2023 13:49:54 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 13 Sep 2023 12:49:54 GMT
date
Mon, 14 Aug 2023 12:49:54 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
output.js
www.zergnet.com/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/output.js?id=33405&time=1692017394938&sc=1&callback=json6163575
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.73.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-73-124.compute-1.amazonaws.com
Software
nginx /
Resource Hash
00c77ac833f1a05fc40097b5b433b5e30a0d3c0c4d93ec95aacb4ba5c5bcaaa9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:54 GMT
content-encoding
gzip
server
nginx
p3p
CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1692017394940&aid=a-01qt&se=e30&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&tna=v2.7.10&pu=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfa...
  • https://rp4.liadm.com/j?dtstmp=1692017394940&aid=a-01qt&se=e30&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&tna=v2.7.10&pu=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyf...
43 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1692017394940&aid=a-01qt&se=e30&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&tna=v2.7.10&pu=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&ext__pubcid=e27f856b-b396-4c82-98f1-d0573477e720&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPlNlY3JldCBTZXJ2aWNlIHRyYWNraW5nIE9ubHlmYW5zLCBUd2l0Y2gsIFBpbnRlcmVzdCB3ZWJzaXRlczwvdGl0bGU-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LmZveGJ1c2luZXNzLmNvbS9wb2xpdGljcy9zZWNyZXQtc2VydmljZS10cmFja2luZy1vbmx5ZmFucy1waW50ZXJlc3QtdHdpdGNoLXdlYnNpdGVzLWRvY3VtZW50cy1yZXZlYWwiPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEb2N1bWVudHMgc2hvdyB0aGUgVVMgU2VjcmV0IFNlcnZpY2UgaGFzIGJlZW4gdHJhY2tpbmcgd2Vic2l0ZXMgbGlrZSBPbmx5RmFucywgUGludGVyZXN0IGFuZCBUd2l0Y2ggYWxvbmcgd2l0aCBzb2NpYWwgbWVkaWEgcGxhdGZvcm1zIEZhY2Vib29rIGFuZCBUd2l0dGVyLiI-PGgxIGNsYXNzPSJoZWFkbGluZSBoZWFkbGluZS0tc2luZ2xlIj4KCQlTZWNyZXQgU2VydmljZSB0cmFja2luZyBPbmx5RmFucywgUGludGVyZXN0LCBUd2l0Y2ggd2Vic2l0ZXMsIGRvY3VtZW50cyByZXZlYWwJPC9oMT48dGl0bGU-QmFjayBCdXR0b248L3RpdGxlPjx0aXRsZT5TZWFyY2ggSWNvbjwvdGl0bGU-PHRpdGxlPkZpbHRlciBJY29uPC90aXRsZT4&i6=MjAwMTo1NTA6MWQwNToxOjo5&n3pc=true
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
44.213.233.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-233-180.compute-1.amazonaws.com
Software
/
Resource Hash
561f49e7560b02f72da6625f7acdbc628765225984bbed60c93209020471620b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
x-pixel-event-id
d3d98a7c-0769-4c3e-9f6e-3ae1f124b460
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
c36ed7c11186c622
content-length
43
x-xss-protection
1; mode=block

Redirect headers

date
Mon, 14 Aug 2023 12:49:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1692017394940&aid=a-01qt&se=e30&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&tna=v2.7.10&pu=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&ext__pubcid=e27f856b-b396-4c82-98f1-d0573477e720&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPlNlY3JldCBTZXJ2aWNlIHRyYWNraW5nIE9ubHlmYW5zLCBUd2l0Y2gsIFBpbnRlcmVzdCB3ZWJzaXRlczwvdGl0bGU-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LmZveGJ1c2luZXNzLmNvbS9wb2xpdGljcy9zZWNyZXQtc2VydmljZS10cmFja2luZy1vbmx5ZmFucy1waW50ZXJlc3QtdHdpdGNoLXdlYnNpdGVzLWRvY3VtZW50cy1yZXZlYWwiPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEb2N1bWVudHMgc2hvdyB0aGUgVVMgU2VjcmV0IFNlcnZpY2UgaGFzIGJlZW4gdHJhY2tpbmcgd2Vic2l0ZXMgbGlrZSBPbmx5RmFucywgUGludGVyZXN0IGFuZCBUd2l0Y2ggYWxvbmcgd2l0aCBzb2NpYWwgbWVkaWEgcGxhdGZvcm1zIEZhY2Vib29rIGFuZCBUd2l0dGVyLiI-PGgxIGNsYXNzPSJoZWFkbGluZSBoZWFkbGluZS0tc2luZ2xlIj4KCQlTZWNyZXQgU2VydmljZSB0cmFja2luZyBPbmx5RmFucywgUGludGVyZXN0LCBUd2l0Y2ggd2Vic2l0ZXMsIGRvY3VtZW50cyByZXZlYWwJPC9oMT48dGl0bGU-QmFjayBCdXR0b248L3RpdGxlPjx0aXRsZT5TZWFyY2ggSWNvbjwvdGl0bGU-PHRpdGxlPkZpbHRlciBJY29uPC90aXRsZT4&i6=MjAwMTo1NTA6MWQwNToxOjo5&n3pc=true
access-control-allow-origin
https://nypost.com
request-time
0
access-control-allow-credentials
true
trace-id
5a20d75459ba2cd0
content-length
0
x-xss-protection
1; mode=block
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/ 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
238331d3bee21cf334365e5e4f91796e9cc156e3c01c4f0f07cb11a4883158ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:55:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
6885
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129196
x-xss-protection
0
server
cafe
etag
4052064757744512332
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 13 Aug 2024 10:55:09 GMT
pxid
0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co/v2.0/ 		46 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co/v2.0/pxid?k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
a9b168a2a7b125d366fb25871096baff96192b60fb25e9dd524b0fe5399dca59

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
getuidj
ib.adnxs.com/ 		29 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3bc623916f9da4e29b62d5682392830eebc2511cd1ec62c96b3b6a0306af02e9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:55 GMT
an-x-request-uuid
89596d08-2303-4cd5-b1c1-8be4062737f6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
r.skimresources.com/api/ 		208 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93051X1547088.skimlinks.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
cc69cfc4dafc52b381c78e94b540956947b479478ff005b2b8fd8f15091fece8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
00d8a118-ead8-4ad9-89d2-2943345db32c
https://nypost.com/ 		106 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nypost.com/00d8a118-ead8-4ad9-89d2-2943345db32c
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f3c3764cca0c1427274c98291edacac65a70e577e7a31cf1b42a01741490b8e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
108644
Content-Type
0ae73c44-921f-4d33-b24a-7d2fca98a10b
https://nypost.com/ 		106 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nypost.com/0ae73c44-921f-4d33-b24a-7d2fca98a10b
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f3c3764cca0c1427274c98291edacac65a70e577e7a31cf1b42a01741490b8e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
108644
Content-Type
iu3
s.amazon-adsystem.com/ Frame 1D15
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
350 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2dccdd26bcba69a611b2c82493a7ec52efb25a1156d9b1a3e4b0ab68ba98405b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
350
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 14 Aug 2023 12:49:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZXEJTTXMQA7EAMZQR8BJ

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 14 Aug 2023 12:49:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XAXYHGVPG7TCV71JGYR7
flyout
api.nypdev.com/cdp/zephr/content/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.nypdev.com/cdp/zephr/content/flyout?gaClientId=1624615099.1692017395
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.4.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-4-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
content-type
application/json
date
Mon, 14 Aug 2023 12:49:55 GMT
server
nginx
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
x-frame-options
DENY
flyout
api.nypdev.com/cdp/zephr/content/ 		89 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nypdev.com/cdp/zephr/content/flyout?gaClientId=1624615099.1692017395
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=fff68af0505af779fefa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.4.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-4-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2cb3bbe98fc61e41a70ef122d0128c5db5d8a835bd0253df0c0be75b626fac7f
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
Authorization
Basic QGxsZXk6dmZEVEJPM1Y3cnJ5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
server
nginx
x-frame-options
DENY
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization
content-length
89
get
mv.outbrain.com/Multivac/api/ 		21 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&idx=0&rand=87109&widgetJSId=SL_2&va=true&format=vjapi&pubInState=0&settings=true&recs=true&key=NANOWDGT01&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010414&sig=NCKxbSGa&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&chs=1&ogn=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a4dd1cd805b5b06bdd8d29fcbfefc39bf617dcb6c6cdccb9cca67d0b504cad8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 14 Aug 2023 12:49:55 GMT
content-encoding
br
via
1.1 varnish
traffic-path
NYDC1, IAD, USA_EAST1
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
8b0499ebc50f4e710c83820855fb187e
content-length
9997
x-served-by
cache-iad-kiad7000168-IAD
pragma
no-cache
x-timer
S1692017395.385752,VS0,VE68
vary
Accept-Encoding, User-Agent
content-type
text/x-json; charset=UTF-8
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
f34a8612-9c89-4e7a-adeb-71a2902d9634-models.bin
cdn.permutive.com/models/v2/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/f34a8612-9c89-4e7a-adeb-71a2902d9634-models.bin
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78c494f627e3b2e9caf4bd092dab298329ab49eba6cc059d3fc698d1077417a7

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
0cf17917-395b-4f25-91cc-db3bdd6044b0
age
0
x-guploader-uploadid
ADPycdvWe2lIGMLuoCOR7r_ohAiCP-L99c9RGL_nl3cC5aTEuaqYxhELmjD7HJH8j-EN9XgQIqN0w2Hq1OGsb0frWUt9sVXadxz-
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
5155
last-modified
Mon, 14 Aug 2023 06:03:13 GMT
server
cloudflare
etag
"a98323a885b80c9cb2c1026bef4b7899"
vary
Accept-Encoding
x-goog-generation
1691992993306128
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=aQZTlg==, md5=qYMjqIW4DJyywQJr70t4mQ==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
5155
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f695210fcb7221a-MIA
expires
Mon, 14 Aug 2023 12:22:42 GMT
geoip
api.permutive.com/v2.0/ 		285 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f826f59070a141c3599d0b89ee2683cb7bf9527dd350a227096f62f45f9144fa

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201
watson
api.permutive.com/v2.0/ 		2 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
i
v2.pixel.newscgp.com/ 		43 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v2.pixel.newscgp.com/i?stm=1692017395276&e=pv&url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&page=Page-View&eid=dea0fbfa-5704-4315-818c-7254acd59eca&tv=js-3.4.0&tna=_ncg__0&aid=newsconnect-global&p=web&cookie=1&cs=UTF-8&lang=en-US&res=1600x1200&cd=24&tz=Pacific%2FHonolulu&dtm=1692017395272&vp=1600x1200&ds=1600x6391&vid=1&sid=83b0ffdc-e8df-43d1-8c6a-21115ae84f1e&duid=acced7cc-e7c0-4390-ae29-35396c2349c9&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ubmV3c2NncC9ha2EvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsidXNlcl9pZCI6IiIsInVzZXJfcHJvdmlkZXIiOiIiLCJ1c2VyX21lbXR5cGUiOiJhbm9ueW1vdXMiLCJ1c2VyX25ld3NsZXR0ZXJfaWQiOiIiLCJ1c2VyX25ld3NsZXR0ZXJfcHJvdmlkZXIiOiIiLCJicm93c2VyX2RtcF9pZCI6IjdlNTE0YWJjLTBhMzEtNGYwMy05MGNhLWJhYWNlODZjMmIyYSIsImJyb3dzZXJfZG1wX3Byb3ZpZGVyIjoicGVybXV0aXZlIiwiYnJvd3Nlcl9hZHNfcHBpZCI6IiIsImJyb3dzZXJfYWRzX3Byb3ZpZGVyIjoiIiwiYnJvd3Nlcl9hbmFseXRpY3NfaWQiOiIiLCJicm93c2VyX2FuYWx5dGljc19wcm92aWRlciI6IiIsImJyb3dzZXJfbmNnX2lkIjoiIn19LHsic2NoZW1hIjoiaWdsdTpjb20ubmV3c2NncC9hcnRpY2xlL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7ImFydGljbGVfaWQiOiIyNjU3MDAyNyIsImFydGljbGVfc291cmNlIjoiRm94IEJ1c2luZXNzIiwiYXJ0aWNsZV9wdWJsaXNoZWRfdGltZSI6IjIwMjMvMDQvMTMgMDQ6MzU6MDMiLCJjb250ZW50X3R5cGUiOiJhcnRpY2xlIiwic2VjdGlvbiI6Im5ld3MiLCJzdWJzZWN0aW9uIjoic2VjcmV0IHNlcnZpY2UiLCJzdWJzdWJzZWN0aW9uIjoiIiwic3Vic3Vic3Vic2VjdGlvbiI6IiIsInN1YnN1YnN1YnN1YnNlY3Rpb24iOiIiLCJhcnRpY2xlX3BhaWRfY29udGVudF90eXBlIjoiIn19LHsic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiJhZTExNWI0Zi1kZjljLTRmZWQtYWEzYi1jNzQ2NjcxM2ZjYTMifX1dfQ
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.180.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.180.102.34.bc.googleusercontent.com
Software
akka-http/10.2.7 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:54 GMT
via
1.1 google
server
akka-http/10.2.7
content-type
image/gif
access-control-allow-origin
https://nypost.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
26570027
api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/ 		141 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/26570027
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/480-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
fdf5974389a7888219f4128e059af26e59f2cfe4244aaefd58f00aa4e0d7b58b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
x-spotim-page-view-id
9221dbf5-e9ec-44c1-b0d4-bb1aa758a98a
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
content-length
141
x-request-id
11a95350-3aa1-11ee-82ff-76d1ecac74c7
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
QZRSE1OWV41xdAfwuj4m_trUYQO5qQ_vOba1i1gSlVpcOx1wovJifQ==
26570027
api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/26570027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 14 Aug 2023 12:49:55 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 b5fe18267507cb61755963d8928a60f4.cloudfront.net (CloudFront)
x-amz-cf-id
t5D63rgQaQFYycquhJwZf9S3e-Cp6teVcMD2a-Pw6cL9B3NGnxpYBg==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 503E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 17:24:31 GMT
x-content-type-options
nosniff
age
242724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 18 Aug 2023 17:24:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 503E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=bwt9h2oraqm2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 07:41:31 GMT
x-content-type-options
nosniff
age
277704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 07:41:31 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 503E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=bwt9h2oraqm2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 10:39:53 GMT
x-content-type-options
nosniff
age
439802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 10:39:53 GMT
main-v2_484755c27a072c7ddf441cedd48102db.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		593 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_484755c27a072c7ddf441cedd48102db.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
38235bc84ace333aca458c28a8919c858d979260405df01652aaaedda904aff7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 20:26:18 GMT
content-encoding
br
age
318217
x-guploader-uploadid
ADPycdtEJvkuj_2TJLoHLY0n1r5a_1AGt0tUvpmL4lKK6vWLaBSq8VJnmqggURg7aG2PL2KaoyR8STq9qqZr7NZxuaHPkg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116164
last-modified
Thu, 10 Aug 2023 20:26:09 GMT
server
UploadServer
etag
"b91cc81b29226769f8e2880bf090eac1"
x-goog-generation
1691699169185494
x-goog-hash
crc32c=XndOOw==, md5=uRzIGykiZ2n44ogL8JDqwQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
116164
accept-ranges
bytes
content-type
text/javascript
cjs_min_0c63e4216cfe4fb383696453c6313332.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_0c63e4216cfe4fb383696453c6313332.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ae0f5662b237fd882a27992f48cb371a9e23549295d4b3c85aea0b1de5890938

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 05:11:30 GMT
content-encoding
gzip
age
459505
x-guploader-uploadid
ADPycdtnC7UBNNFPCS6cl40LfwVqPHY9S7PyMwAbR0NJnIzmNQuNTkaxfjyYhWK2lEm7YzZQCKKPiOLA7GhkKftOFqvb
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26227
last-modified
Thu, 03 Aug 2023 17:22:50 GMT
server
UploadServer
etag
"962eb8585706622fb5f4759e98e08b64"
x-goog-generation
1691083370812015
x-goog-hash
crc32c=sD+XZA==, md5=li64WFcGYi+19HWemOCLZA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000,no-transform
x-goog-stored-content-length
26227
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
ts_.htm
t.nypost.com/a/ Frame 4709 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.nypost.com/a/ts_.htm?ver=1.1229.65&cid=c057
Requested by
Host: t.nypost.com
URL: https://t.nypost.com/1/e/tcs.dhj?dmn=nypost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-8.jfk50.r.cloudfront.net
Software
/
Resource Hash
f52a25986db575f3b50734266b36cfe7d8e6889805d089e9963ae3b064aa7dc3

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=604800
content-encoding
gzip
content-length
1149
content-type
text/html
date
Mon, 14 Aug 2023 12:49:55 GMT
expires
Mon, 21 Aug 2023 12:49:55 GMT
via
1.1 0ac640943c2918c03a0350f4e8b083a8.cloudfront.net (CloudFront)
x-amz-cf-id
3pM61KtEWA7Oc4de91b414wUHyLmmULC6pqu0OsyON401hA_rrlM6w==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1381752064&t=pageview&_s=1&dl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&ul=en-us&de=UTF-8&dt=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjBAQCACAAI~&jid=790072370&gjid=1596975082&cid=1624615099.1692017395&tid=UA-3922003-6&_gid=853817950.1692017395&_slc=1&cd88=1624615099.1692017395&cd8=desktop&cd3=facebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter&cd2=Fox%20Business&cd1=article&cd5=standard&cd6=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%2C%20documents%20reveal&cd7=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%3A%20documents&cd12=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%2C%20documents%20reveal&cd9=2023-04-13&cd10=04%3A%2035&cd11=26570027&cd4=news&cd15=secret%20service&cd87=Outbrain%20Guarantee&cd16=349&cd17=no&cd40=no&cd44=no&cd54=true&cd76=In-line&cd21=yes&cd46=false&cg1=article&cg2=news&cg3=nypost.com&z=754371825
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3922003-6&cid=1624615099.1692017395&jid=790072370&gjid=1596975082&_gid=853817950.1692017395&_u=aGBAiEAjBAQCAGAAI~&z=421513426
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 14 Aug 2023 12:49:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
skin-622640.json
video.unrulymedia.com/native/skins/ 		2 KB
1021 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/skins/skin-622640.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/custom/unruly/outstream/skin.js?site_id=622640
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:184e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f11fff395615749f7d73545799ed746cab0761185e45db32432454cdbf7cfa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
x-amz-version-id
4fvlVpFMHlqUKCISxwDuMyS3IMa8ZXSc
content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-request-id
ZT0QRXC9AQBBCCE0
x-amz-server-side-encryption
AES256
x-amz-id-2
wIQMIqkWtqEkBmIdyddbJrOFOv81xiSNa3SWXAA1EXHcNKOM5Hg7wKZ6/SRgY/p2df2meCLstKA=
x-amz-expiration
expiry-date="Sat, 03 Aug 2030 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Fri, 04 Aug 2023 18:40:58 GMT
server
cloudflare
etag
W/"1dea42d96c6ebb0a28394c7bfacb01b5"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
https://nypost.com
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-credentials
true
cache-control
max-age=3600
cf-ray
7f6952112a018dae-MIA
track
track1.aniview.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=603f65a2e291680ef30af9c7&cid=6265145b67ce6a604d44ebf5&cb=1692017395365&r=nypost.com&stagid=62af35d851923c62777207b4&stplid=&cd10=&e=c9&cd11=1-run
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.193.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-193-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=603f65a2e291680ef30af9c7&cid=6265145b67ce6a604d44ebf5&cb=1692017395365&r=nypost.com&stagid=62af35d851923c62777207b4&stplid=&cd10=622640&e=c9&cd11=2-tag
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.193.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-193-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
webworker.js
www.google.com/recaptcha/api2/ Frame 503E 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=3kTz7WGoZLQTivI-amNftGZO
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=bwt9h2oraqm2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0d62c80e8180a2c275d761c5fb681cc5b0e41fff53d32926ebed430f91f511c9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=bwt9h2oraqm2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 14 Aug 2023 12:49:55 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:3800:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
null
Date
Mon, 14 Aug 2023 09:10:38 GMT
Via
1.1 079cd4553da15b2329bffae6abe6157e.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P6
Age
13158
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
4ubnpt8mUXJFKQTGlYejSmZ9kkcjsbAneSsFiAxDMokvD4G-vTgR_A==
esp.js
cdn.id5-sync.com/api/1.0/ 		112 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
x-amz-request-id
S6NP39NVV7GDMDPE
age
715
etag
W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f6952127e45da73-MIA
x-amz-id-2
mWn9g5Y/TntRtzz/Q6fU730GNOS70YiyysGsoRwtYwppv6MNaBbIfCYzWZR8bkcZWyeVgmOhur0=
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:15:10 GMT
content-encoding
gzip
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
2086
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
pyYUsx6T_w0VVosuZNTTZcSVTyoYV8NWZAPv271_xXXs8-MPWwsP0Q==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
f02a52ea9e2fa21c9ab5ec5e2512389a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 14 Aug 2023 12:49:55 GMT
x-content-type-options
nosniff
content-encoding
br
age
5379
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-mia-kmia1760070-MIA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 15 Aug 2023 12:49:55 GMT
ob.js
cdn-ima.33across.com/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 18:38:49 GMT
server
cloudflare
age
332126
etag
W/"64cd45b9-a13f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f6952129d9125be-MIA
expires
Thu, 17 Aug 2023 12:49:55 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 11:30:01 GMT
content-encoding
gzip
age
1559994
x-guploader-uploadid
ADPycduZeMOdpcxYBkiLrPf9w7igF41p4Ei9bN_IcL1P85eMdLV2LUwDM211oYBRl5pXHgJhsx3CYK81JCHc4yvrVwPKUg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 26 Jul 2024 11:30:01 GMT
ScrNykYo-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/ScrNykYo-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/ScrNykYo-120.vtt
2 KB
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/ScrNykYo-120.vtt
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a17854e578b5d293036c60bbad19647a50911232b844893802cf3da03f98059a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
810
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
296
x-served-by
cache-iad-kjyo7100143-IAD, cache-mia-kmia1760068-MIA
last-modified
Sun, 13 Aug 2023 13:57:35 GMT
server
nginx
x-timer
S1692017396.941729,VS0,VE0
etag
"bf828fa6d56e7e4ea8abe31052ac8468"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1108, 6

Redirect headers

date
Mon, 14 Aug 2023 12:49:51 GMT
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-C1
age
4
x-cache
Hit from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/ScrNykYo-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
FdIxOn6AVBK2qcMG6fAz10aeDsBYDO_sY_NSpXNSmTxe6andL2e5Ng==
related.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/related.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0292c490af46fed8c95fb0d728a9db44f964cd7f997af76f9bc95daf7b5f7259

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
content-encoding
gzip
via
1.1 varnish
age
7061157
x-cache
HIT
content-length
24956
x-served-by
cache-mia-kmia1760020-MIA
last-modified
Mon, 22 May 2023 06:27:33 GMT
server
AmazonS3
x-timer
S1692017396.582694,VS0,VE0
etag
"8852a3bfeb824346f0798be2a04f58d1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
363403
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0DZ7LHF5PZ&gtm=45je3890&_p=1381752064&cid=1624615099.1692017395&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692017395&sct=1&seg=0&dl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&dt=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&en=Buffer&_fv=1&_ss=1&_ee=1&ep.event_category=JW%20Player%20Video&ep.event_label=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FScrNykYo.m3u8&ep.event_action=Buffer&ep.non_interaction=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DZ7LHF5PZ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1381752064&t=event&_s=2&dl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&ul=en-us&de=UTF-8&dt=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Player%20Load&ea=SPdDOYds&el=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&_u=aHBAiEAjBAQCAGAAI~&jid=&gjid=&cid=1624615099.1692017395&tid=UA-3922003-6&_gid=853817950.1692017395&cd88=1624615099.1692017395&cd8=desktop&cd3=facebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter&cd2=Fox%20Business&cd1=article&cd5=standard&cd6=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%2C%20documents%20reveal&cd7=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%3A%20documents&cd12=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%2C%20documents%20reveal&cd9=2023-04-13&cd10=04%3A%2035&cd11=26570027&cd4=news&cd15=secret%20service&cd87=Outbrain%20Guarantee&cd16=349&cd17=no&cd40=no&cd44=no&cd54=true&cd76=In-line&cd21=yes&cd46=false&cg1=article&cg2=news&cg3=nypost.com&cd25=&cd28=SPdDOYds&cd35=no&cd36=1&cd43=featured&z=954298800
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 09:41:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11282
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1381752064&t=event&_s=3&dl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&ul=en-us&de=UTF-8&dt=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video%20Load%20Start&ea=Today%27s%20Video%20Headlines%3A%208%2F13%2F23%20%7C%2054%20seconds%20%7C%202023-08-13&el=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&_u=aHBAiEAjBAQCAGAAI~&jid=&gjid=&cid=1624615099.1692017395&tid=UA-3922003-6&_gid=853817950.1692017395&cd88=1624615099.1692017395&cd8=desktop&cd3=facebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter&cd2=Fox%20Business&cd1=article&cd5=standard&cd6=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%2C%20documents%20reveal&cd7=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%3A%20documents&cd12=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%2C%20documents%20reveal&cd9=2023-04-13&cd10=04%3A%2035&cd11=26570027&cd4=news&cd15=secret%20service&cd87=Outbrain%20Guarantee&cd16=349&cd17=no&cd40=no&cd44=no&cd54=true&cd76=In-line&cd21=yes&cd46=false&cg1=article&cg2=news&cg3=nypost.com&cd25=&cd28=SPdDOYds&cd35=no&cd36=1&cd43=featured&cd22=ScrNykYo&cd23=Sun%20Aug%2013%202023&cd24=news%2Cfair%20use%2CTODAYS-HEADLINES%2CHeadlines%3A%20no-playlist&cd26=video%20landing%20page&cd38=1&z=93602276
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 09:41:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11282
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame 0C37 		718 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
524888
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 11:01:47 GMT
expires
Wed, 07 Aug 2024 11:01:47 GMT
last-modified
Wed, 02 Aug 2023 14:27:41 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.166 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Aug 2023 12:49:55 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 21B9 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:16:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 14 Aug 2023 13:16:28 GMT
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
98dc2fbe32b46dca7cca91570af0fcbb2f09d331ae236bd7c92585c84a7b1e3f

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
page
t.skimresources.com/api/v2/ 		22 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93051X1547088.skimlinks.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:55 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link
t.skimresources.com/api/v2/ 		22 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93051X1547088.skimlinks.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:55 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://nypost.com
warning
299 - "Deprecated API"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
71582a0711f2554fb81483ba3a699723bc2e66d95
rebelhen.com/4596af21acb/ 		198 B
225 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rebelhen.com/4596af21acb/71582a0711f2554fb81483ba3a699723bc2e66d95
Requested by
Host: rebelhen.com
URL: https://rebelhen.com/v2csnUsFoH1XR1oW51-C6NQBdGmIS6hRimi-eyRebi0VRmqDrwM_hCHQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
f73e5da3c86a48d12d6c1712a2cd7a86fae5ac5892847fef6bd00e9597d2acf4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 14 Aug 2023 12:49:55 GMT
via
1.1 google
x-buildnumber
960914163
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
x-hostname
fen-hoothoot-us-east1-test-jrrc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 14 Aug 2023 12:49:54 GMT
24aec7b7-34ac-4418-a3f8-451c303ab239
https://nypost.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://nypost.com/24aec7b7-34ac-4418-a3f8-451c303ab239
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
a-01qt
i.liadm.com/s/c/ Frame 4296 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-01qt?s=&cim=&ps=true&ls=true&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&ppid=0&euns=1&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.70.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-70-212.compute-1.amazonaws.com
Software
/
Resource Hash
c2cde34834b982a9deb57720370764bc7d37392b7b69309b24d355092f6d8cae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
696
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:49:55 GMT
Request-Time
28
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
baker
sli.nypost.com/ 		0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.nypost.com/baker?dtstmp=1692017395702
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:fe00:9:41bd:8d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
via
1.1 8ca36406fe3aa11c1641e5bc917c8a74.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P2
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
0
x-amz-cf-id
nzMeQ9XjH8phVblWo6hsMgJOe1o-DDVc3n_idUQWIBTyx0MHtk4OQQ==
api
ls.skimresources.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ls.skimresources.com/api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.117.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 14 Aug 2023 12:49:55 GMT
server
Python/3.10 aiohttp/3.8.4
via
1.1 google
api
ls.skimresources.com/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ls.skimresources.com/api
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93051X1547088.skimlinks.js?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.117.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/json

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:55 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pr
s.amazon-adsystem.com/v3/ Frame 25DD 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
cca23143ebf37532b958d2f5c4714d8e6c2a6da3434769a4503361cd69671f54
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3195
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 14 Aug 2023 12:49:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KAYHTKM62P3M7H8XG993
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3922003-6&cid=1624615099.1692017395&jid=790072370&_u=aGBAiEAjBAQCAGAAI~&z=1236671518
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame D6F6 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/custom/unruly/outstream/skin.js?site_id=622640
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 17:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 17:17:18 GMT
cookie_sync
pg-prebid-server.rubiconproject.com/ 		3 KB
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pg-prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
2689e04993ea216d08ca70fed81820dc0c3add7b106c72dc136e5f84eb3c9ce6

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://nypost.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
603
Expires
0
auction
pg-prebid-server.rubiconproject.com/openrtb2/ 		186 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pg-prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f94e678ac837b79270f596a071ab5cb73a9527606d3528c2bd7f4f0bb83855c2

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://nypost.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
177
Expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=214337
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5201d037f3fe8601635742a2349c32b57c0f088e1962f25307452db32a907bb

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNOgUBNEhmkpxEQXXbAX32uRojdUrwiUstmZlCoyXixdvfbMn%2BRPpYESOnsiEJ26eoOqM0wN4p3i6zihSpZOkmsgmcLDlA%2F7NmK17OuCv9IyYDz%2BFmNGsb5e4YexzteKrSryctnV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f6952144df28dd3-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		483 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2b70ce5a2f2465de003e045f72fd3c665deb75e199d3dc1f3cac8b2330c550a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
an-x-request-uuid
6dc40406-5032-4cd7-a724-44a98c698bbd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
483
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1008 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU3I8M1G
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dd65833f02dc4f3993499ab953fc281a487c0162a043d687ec1823a9e7d3062c

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Mon, 14 Aug 2023 12:49:56 GMT
auction
tlx.3lift.com/header/ 		19 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.39.0&referrer=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&tmax=2000&us_privacy=1---
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.84.197.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-197-253.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
accept-ch
sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
adreq
ads.servenobid.com/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5874
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
437f7ed45b365db0e1c6468b30311091e263cc9397687c3ec3967c5731361ca5

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		557 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11076&site_id=26782&zone_id=111194&size_id=57&p_pos=atf&us_privacy=1---&eid_pubcid.org=e27f856b-b396-4c82-98f1-d0573477e720%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&kw=News%2Cfacebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter%2C&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&tg_i.domain=nypost.com&tg_i.name=nypost.com&tg_i.cat=IAB1%2CIAB12%2CIAB17&tg_i.page_type=article&tg_i.testgroup=85&tg_i.pagesection=news&tg_i.pagetype=article&tg_i.pbadslot=%2F5850%2Fpost.desktop%2Fbillb_atf%2Fnews%2Fstories&tk_flint=pbjs_lite_v7.39.0&x_source.tid=8c42e3b5-0b11-4d88-b423-c9d07ea7e5e9&l_pb_bid_id=47282eb0928412c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5850%2Fpost.desktop%2Fbillb_atf%2Fnews%2Fstories&slots=1&rand=0.5293989466083189
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1d960633f9d4f3883fc4e37c17124c015600d49f67bb331eb110ccbf1a885933

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
557
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		575 B
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11076&site_id=26782&zone_id=111194&size_id=15&alt_size_ids=10&p_pos=atf&us_privacy=1---&eid_pubcid.org=e27f856b-b396-4c82-98f1-d0573477e720%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&kw=News%2Cfacebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter%2C&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&tg_i.domain=nypost.com&tg_i.name=nypost.com&tg_i.cat=IAB1%2CIAB12%2CIAB17&tg_i.page_type=article&tg_i.testgroup=85&tg_i.pagesection=news&tg_i.pagetype=article&tg_i.pbadslot=%2F5850%2Fpost.desktop%2Frec_atf%2Fnews%2Fstories&tk_flint=pbjs_lite_v7.39.0&x_source.tid=9862f9a1-cf8e-46b0-81bf-710b1cae7568&l_pb_bid_id=488172c32c99e38&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5850%2Fpost.desktop%2Frec_atf%2Fnews%2Fstories&slots=1&rand=0.3057885474818325
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2d57d64b0d7464fe9fe09cac21d5d21701de75215eae7c14af52ad51cc78245a

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
575
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		575 B
914 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11076&site_id=26782&zone_id=199542&size_id=15&alt_size_ids=10&p_pos=atf&us_privacy=1---&eid_pubcid.org=e27f856b-b396-4c82-98f1-d0573477e720%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&kw=News%2Cfacebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter%2C&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&tg_i.domain=nypost.com&tg_i.name=nypost.com&tg_i.cat=IAB1%2CIAB12%2CIAB17&tg_i.page_type=article&tg_i.testgroup=85&tg_i.pagesection=news&tg_i.pagetype=article&tg_i.pbadslot=%2F5850%2Fpost.desktop%2Frec_btf%2Fnews%2Fstories&tk_flint=pbjs_lite_v7.39.0&x_source.tid=1fd8fc27-30bd-456d-aa73-567b85a80ac3&l_pb_bid_id=4959900be19859a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5850%2Fpost.desktop%2Frec_btf%2Fnews%2Fstories&slots=1&rand=0.8183269615749127
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a76674ac30c78c1540d744665ed5ccef621d3ee9fd2fda70761b35fc5358fd96

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
575
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		578 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11076&site_id=26782&zone_id=199544&size_id=15&alt_size_ids=10&p_pos=atf&us_privacy=1---&eid_pubcid.org=e27f856b-b396-4c82-98f1-d0573477e720%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&kw=News%2Cfacebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter%2C&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&tg_i.domain=nypost.com&tg_i.name=nypost.com&tg_i.cat=IAB1%2CIAB12%2CIAB17&tg_i.page_type=article&tg_i.testgroup=85&tg_i.pagesection=news&tg_i.pagetype=article&tg_i.pbadslot=%2F5850%2Fpost.desktop%2Frec_widget%2Fnews%2Fstories&tk_flint=pbjs_lite_v7.39.0&x_source.tid=03834d8c-be5e-4559-8e92-d3358d6e26f4&l_pb_bid_id=50fe78d24d34edc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5850%2Fpost.desktop%2Frec_widget%2Fnews%2Fstories&slots=1&rand=0.1495304971215774
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b38f3fd75de23296536e7e330c028000af88eb0f228959eb3b1d55920fd63af0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
578
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
elb.the-ozone-project.com/openrtb2/ 		129 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1934e5d5035066a6841b2f752c8b943a09442a2bee1903a8729eb441e1b3b9f6

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f6952150c398daf-MIA
expires
0
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.207.44.74 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
74.44.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3deca228885e45583293924edf896128b563691f6d7ec3527f2dbba703ffed90

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 14 Aug 2023 12:49:56 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d8c0175756611146b215ea900ca&pos=8a969c7d017676f2e531f77e856a00f8&cmd=bid&eidpubcid.org=e27f856b-b396-4c82-98f1-d0573477e720&secure=1&us_privacy=1---
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
0d1a994269a6be2e3504c4f2dce71980d8c9b8be12cdedb9997da9f18362ebfa

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d8c0175756611146b215ea900ca&pos=8a9694bc017676612aaf6290836e00de&cmd=bid&eidpubcid.org=e27f856b-b396-4c82-98f1-d0573477e720&secure=1&us_privacy=1---
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
6bc8568545c1b9f2a3c6ee7892cdef2ff0d5a75e7157559e0124c0aa5d2766d1

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d8c0175756611146b215ea900ca&pos=8a9691300176766126a26290a8ec00f4&cmd=bid&eidpubcid.org=e27f856b-b396-4c82-98f1-d0573477e720&secure=1&us_privacy=1---
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
16b301cfef6fed7abfc211fc81211e98c5a6c5dd7f906dbd39d6545835c1cda3

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d8c0175756611146b215ea900ca&pos=8a9694bc017676612aaf6290bac700ec&cmd=bid&eidpubcid.org=e27f856b-b396-4c82-98f1-d0573477e720&secure=1&us_privacy=1---
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
a72d67ceee9fabb9f63fa3dea4b94ef32c1a2c3d22b7b653e4a0ff96bdb2a3a6

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
content-length
80
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.39.0&cb=33603008569&lsavail=1
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 14 Aug 2023 12:49:56 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
krk.kargo.com/api/v2/ 		2 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22603c7a19-f503-4d8f-b293-802b25959e04%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1692017395905%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22723acadfd099ba6%22%3A%22_fomZp7UJsG%22%2C%2273c765aa14aa5cf%22%3A%22_o5pE7T6j5A%22%2C%227425b405b0361d2%22%3A%22_o5pE7T6j5A%22%2C%22750cff8fdc5ca23%22%3A%22_o5pE7T6j5A%22%7D%2C%22bidSizes%22%3A%7B%22723acadfd099ba6%22%3A%5B%5B970%2C250%5D%5D%2C%2273c765aa14aa5cf%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%227425b405b0361d2%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22750cff8fdc5ca23%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_fomZp7UJsG%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22e27f856b-b396-4c82-98f1-d0573477e720%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e27f856b-b396-4c82-98f1-d0573477e720%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%228c42e3b5-0b11-4d88-b423-c9d07ea7e5e9%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F5850%2Fpost.desktop%2Fbillb_atf%2Fnews%2Fstories%22%7D%2C%22pbadslot%22%3A%22%2F5850%2Fpost.desktop%2Fbillb_atf%2Fnews%2Fstories%22%7D%2C%22gpid%22%3A%22%2F5850%2Fpost.desktop%2Fbillb_atf%2Fnews%2Fstories%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22pos%22%3A1%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-billb_atf%22%2C%22transactionId%22%3A%228c42e3b5-0b11-4d88-b423-c9d07ea7e5e9%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22bidId%22%3A%22723acadfd099ba6%22%2C%22bidderRequestId%22%3A%2271f7fa3d2856e67%22%2C%22auctionId%22%3A%229f29a693-8066-49c2-8257-d87e5ecc29e3%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B6.3000030517578125%2C2.1999969482421875%2C0.5999984741210938%5D%2C%22userId.mods.sharedId.init%22%3A%5B6.3000030517578125%5D%2C%22userId.mods.uid2.init%22%3A%5B2.1999969482421875%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.5999984741210938%5D%2C%22userId.init.modules%22%3A%5B14.200004577636719%5D%2C%22requestBids.usp%22%3A0.40000152587890625%2C%22requestBids.userId%22%3A0.5999984741210938%2C%22requestBids.rtd%22%3A141.4000015258789%2C%22requestBids.validate%22%3A0.5999984741210938%2C%22requestBids.makeRequests%22%3A8.699996948242188%2C%22adapter.client.validate%22%3A0.09999847412109375%2C%22adapters.client.kargo.validate%22%3A0.09999847412109375%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F%22%2C%22domain%22%3A%22nypost.com%22%2C%22keywords%22%3A%22News%2Cfacebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter%22%2C%22publisher%22%3A%7B%22domain%22%3A%22nypost.com%22%7D%2C%22name%22%3A%22nypost.com%22%2C%22cat%22%3A%5B%22IAB1%22%2C%22IAB12%22%2C%22IAB17%22%5D%2C%22page_type%22%3A%22article%22%2C%22testgroup%22%3A%2285%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22pagesection%22%3A%22news%22%2C%22pagetype%22%3A%22article%22%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_o5pE7T6j5A%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22e27f856b-b396-4c82-98f1-d0573477e720%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e27f856b-b396-4c82-98f1-d0573477e720%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%229862f9a1-cf8e-46b0-81bf-710b1cae7568%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F5850%2Fpost.desktop%2Frec_atf%2Fnews%2Fstories%22%7D%2C%22pbadslot%22%3A%22%2F5850%2Fpost.desktop%2Frec_atf%2Fnews%2Fstories%22%7D%2C%22gpid%22%3A%22%2F5850%2Fpost.desktop%2Frec_atf%2Fnews%2Fstories%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22pos%22%3A1%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-rec_atf%22%2C%22transactionId%22%3A%229862f9a1-cf8e-46b0-81bf-710b1cae7568%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%2273c765aa14aa5cf%22%2C%22bidderRequestId%22%3A%2271f7fa3d2856e67%22%2C%22auctionId%22%3A%229f29a693-8066-49c2-8257-d87e5ecc29e3%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B6.3000030517578125%2C2.1999969482421875%2C0.5999984741210938%5D%2C%22userId.mods.sharedId.init%22%3A%5B6.3000030517578125%5D%2C%22userId.mods.uid2.init%22%3A%5B2.1999969482421875%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.5999984741210938%5D%2C%22userId.init.modules%22%3A%5B14.200004577636719%5D%2C%22requestBids.usp%22%3A0.40000152587890625%2C%22requestBids.userId%22%3A0.5999984741210938%2C%22requestBids.rtd%22%3A141.4000015258789%2C%22requestBids.validate%22%3A0.5999984741210938%2C%22requestBids.makeRequests%22%3A8.699996948242188%2C%22adapter.client.validate%22%3A0.09999847412109375%2C%22adapters.client.kargo.validate%22%3A0.09999847412109375%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F%22%2C%22domain%22%3A%22nypost.com%22%2C%22keywords%22%3A%22News%2Cfacebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter%22%2C%22publisher%22%3A%7B%22domain%22%3A%22nypost.com%22%7D%2C%22name%22%3A%22nypost.com%22%2C%22cat%22%3A%5B%22IAB1%22%2C%22IAB12%22%2C%22IAB17%22%5D%2C%22page_type%22%3A%22article%22%2C%22testgroup%22%3A%2285%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22pagesection%22%3A%22news%22%2C%22pagetype%22%3A%22article%22%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_o5pE7T6j5A%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22e27f856b-b396-4c82-98f1-d0573477e720%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e27f856b-b396-4c82-98f1-d0573477e720%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%221fd8fc27-30bd-456d-aa73-567b85a80ac3%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F5850%2Fpost.desktop%2Frec_btf%2Fnews%2Fstories%22%7D%2C%22pbadslot%22%3A%22%2F5850%2Fpost.desktop%2Frec_btf%2Fnews%2Fstories%22%7D%2C%22gpid%22%3A%22%2F5850%2Fpost.desktop%2Frec_btf%2Fnews%2Fstories%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22pos%22%3A1%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-rec_btf%22%2C%22transactionId%22%3A%221fd8fc27-30bd-456d-aa73-567b85a80ac3%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%227425b405b0361d2%22%2C%22bidderRequestId%22%3A%2271f7fa3d2856e67%22%2C%22auctionId%22%3A%229f29a693-8066-49c2-8257-d87e5ecc29e3%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B6.3000030517578125%2C2.1999969482421875%2C0.5999984741210938%5D%2C%22userId.mods.sharedId.init%22%3A%5B6.3000030517578125%5D%2C%22userId.mods.uid2.init%22%3A%5B2.1999969482421875%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.5999984741210938%5D%2C%22userId.init.modules%22%3A%5B14.200004577636719%5D%2C%22requestBids.usp%22%3A0.40000152587890625%2C%22requestBids.userId%22%3A0.5999984741210938%2C%22requestBids.rtd%22%3A141.4000015258789%2C%22requestBids.validate%22%3A0.5999984741210938%2C%22requestBids.makeRequests%22%3A8.699996948242188%2C%22adapter.client.validate%22%3A0.09999847412109375%2C%22adapters.client.kargo.validate%22%3A0.09999847412109375%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F%22%2C%22domain%22%3A%22nypost.com%22%2C%22keywords%22%3A%22News%2Cfacebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter%22%2C%22publisher%22%3A%7B%22domain%22%3A%22nypost.com%22%7D%2C%22name%22%3A%22nypost.com%22%2C%22cat%22%3A%5B%22IAB1%22%2C%22IAB12%22%2C%22IAB17%22%5D%2C%22page_type%22%3A%22article%22%2C%22testgroup%22%3A%2285%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22pagesection%22%3A%22news%22%2C%22pagetype%22%3A%22article%22%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_o5pE7T6j5A%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22e27f856b-b396-4c82-98f1-d0573477e720%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e27f856b-b396-4c82-98f1-d0573477e720%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%2203834d8c-be5e-4559-8e92-d3358d6e26f4%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F5850%2Fpost.desktop%2Frec_widget%2Fnews%2Fstories%22%7D%2C%22pbadslot%22%3A%22%2F5850%2Fpost.desktop%2Frec_widget%2Fnews%2Fstories%22%7D%2C%22gpid%22%3A%22%2F5850%2Fpost.desktop%2Frec_widget%2Fnews%2Fstories%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22pos%22%3A1%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-rec_widget%22%2C%22transactionId%22%3A%2203834d8c-be5e-4559-8e92-d3358d6e26f4%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%22750cff8fdc5ca23%22%2C%22bidderRequestId%22%3A%2271f7fa3d2856e67%22%2C%22auctionId%22%3A%229f29a693-8066-49c2-8257-d87e5ecc29e3%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B6.3000030517578125%2C2.1999969482421875%2C0.5999984741210938%5D%2C%22userId.mods.sharedId.init%22%3A%5B6.3000030517578125%5D%2C%22userId.mods.uid2.init%22%3A%5B2.1999969482421875%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.5999984741210938%5D%2C%22userId.init.modules%22%3A%5B14.200004577636719%5D%2C%22requestBids.usp%22%3A0.40000152587890625%2C%22requestBids.userId%22%3A0.5999984741210938%2C%22requestBids.rtd%22%3A141.4000015258789%2C%22requestBids.validate%22%3A0.5999984741210938%2C%22requestBids.makeRequests%22%3A8.699996948242188%2C%22adapter.client.validate%22%3A0.09999847412109375%2C%22adapters.client.kargo.validate%22%3A0.09999847412109375%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F%22%2C%22domain%22%3A%22nypost.com%22%2C%22keywords%22%3A%22News%2Cfacebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter%22%2C%22publisher%22%3A%7B%22domain%22%3A%22nypost.com%22%7D%2C%22name%22%3A%22nypost.com%22%2C%22cat%22%3A%5B%22IAB1%22%2C%22IAB12%22%2C%22IAB17%22%5D%2C%22page_type%22%3A%22article%22%2C%22testgroup%22%3A%2285%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22pagesection%22%3A%22news%22%2C%22pagetype%22%3A%22article%22%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.87.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-143.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:56 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Nbr
510
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
nypost
direct.adsrvr.org/bid/bidder/ 		0
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/nypost
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:55 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 6AFB 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ee8686e5b72a3d816d62a607cd65e758e9c258ae8a2f941a5413dc6d2e64df13

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
6040
content-type
text/html
date
Mon, 14 Aug 2023 12:49:55 GMT
etag
"37202485ed061a936935162db30e773e:1683701449.34879"
expires
Mon, 21 Aug 2023 12:49:55 GMT
last-modified
Wed, 10 May 2023 06:16:26 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=475f888df8ebb5eeba23bd665a46f434_770_1692017395441&tm=1038&eT=0&wRV=2010414&pVis=0&lsd=3ebbb7b7-7e3b-46d4-93bf-dc08b9e67ea7&eIdx=&ccpa=1---&cheq=0&oo=false&lo=3105&obreq=2938&mvreq=3930&cet=4g&to=1692017391278.3&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
0a5398984ec92a237210a7d990acd0b6
Content-Length
6
get
mv.outbrain.com/Multivac/api/ 		239 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&idx=1&rand=50158&widgetJSId=AR_3&va=true&et=true&format=html&t=ZjViYTljZDZmZDYxNDE3ZDFjYmZkZDc3YzMwYmViNzk=&px=268&py=3522&vpd=2322&pubInState=0&cw=734&seid=0516ccbb-2895-e51b-0000-0189f41886c6%7C0%7C1&settings=true&recs=true&key=NANOWDGT01&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010414&sig=NCKxbSGa&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&chs=1&ogn=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9343caf16ea460f4018323aa5bb980df9dfc65fa7059e8a2a3381d6f2efe1b95

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
br
via
1.1 varnish
traffic-path
NYDC1, IAD, USA_EAST1
x-timer
S1692017396.958270,VS0,VE869
vary
Accept-Encoding, User-Agent
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
content-type
text/javascript; charset=UTF-8
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-traceid
52a1c04d8af503b53a0f3e393127bff3
accept-ranges
bytes
content-length
29818
x-served-by
cache-iad-kiad7000168-IAD
decision-engine
zephr-v4.nypost.com/zephr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/decision-engine?brand=nypost&content_id=26570027&env=production&isExclusiveArticle=&isSportsArticle=&isSportsArticleNonBetting=&primarySection=news&primaryTag=secret-service&sections=news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.139.29.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-97.jfk50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin
https://nypost.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 14 Aug 2023 12:49:55 GMT
via
1.1 ef73a156d5c211fdbb7e4231f2a0edca.cloudfront.net (CloudFront)
x-amz-cf-id
MwDv6N7wwrVZ2XCRtKKA3-d-0bmji7LUhNimj4MtG_v6_d27cSQzlA==
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
decision-engine
zephr-v4.nypost.com/zephr/ 		22 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/decision-engine?brand=nypost&content_id=26570027&env=production&isExclusiveArticle=&isSportsArticle=&isSportsArticleNonBetting=&primarySection=news&primaryTag=secret-service&sections=news
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=fff68af0505af779fefa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.139.29.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-97.jfk50.r.cloudfront.net
Software
/
Resource Hash
3e7e6ddedaafc66b9f94c08002441292efb61a9d80cd0aca4d808011d32371a5

Request headers

Accept
application/json
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
via
1.1 45c692e896f6d5351f0f0a998ed4f588.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
22102
x-amz-cf-id
e_xwBNXZvxJAEkuI2kBmf3H9pbVniPriWu3JoOszXWOM1l4Ws3_RaA==
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-blaize-request
ffffffffe80083a0
eyJpdSI6IjI1N2E2ZWIzNTYwNmE2ZDUwMTYxZTg1NWVkZmIwNTQwN2E4OWY2YjNlMDU5NjQ0NmU0MzJlNmViNjFlYWFiZmEiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI1N2E2ZWIzNTYwNmE2ZDUwMTYxZTg1NWVkZmIwNTQwN2E4OWY2YjNlMDU5NjQ0NmU0MzJlNmViNjFlYWFiZmEiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4a8285f69819693db719ed5f41249c26952db347e7c93a0ee7b0cf3433231b23

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
last-modified
Sat, 12 Aug 2023 03:19:21 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2255433
access-control-allow-credentials
false
x-traceid
2e6ecf9d68a88761287a71a79161a26b
timing-allow-origin
*, *
content-length
1766
eyJpdSI6IjU1NDkzZGQzYjE2ZGYyZjU3OTEzNjg4MTlmYmVjYjgyZTEyYTRiOWZiZmVhMDAzZGVkOTYwZTRhYzhlM2Y3YzEiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU1NDkzZGQzYjE2ZGYyZjU3OTEzNjg4MTlmYmVjYjgyZTEyYTRiOWZiZmVhMDAzZGVkOTYwZTRhYzhlM2Y3YzEiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
940d7a58531c070a01b7dbaec7a6772e890427ec91e6d4235efd5214d6548425

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
last-modified
Sun, 13 Aug 2023 21:01:31 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2405552
access-control-allow-credentials
false
x-traceid
c97ac51b4273889b7c1d8109487896b0
timing-allow-origin
*, *
content-length
1652
eyJpdSI6Ijg0YzJjNDZkOWU5ZWJmZjc2YTUyZTUzMGJiZjhmYjFiZmMwOTU2YzEzNTVkY2I3ZjY5NjczYjMyYjhmOWFjYWIiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg0YzJjNDZkOWU5ZWJmZjc2YTUyZTUzMGJiZjhmYjFiZmMwOTU2YzEzNTVkY2I3ZjY5NjczYjMyYjhmOWFjYWIiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5066b8428ed1902196c54ede48f78c637da47acdadfe22c10442cb676da0afde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
last-modified
Sun, 13 Aug 2023 16:57:43 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2390915
access-control-allow-credentials
false
x-traceid
ab06119ca175747b346347594d90a16b
timing-allow-origin
*, *
content-length
2320
eyJpdSI6ImVkMzJjZjgwZTQ5NDU4ZTRlZDg5N2Q2ZmNjNzU3NWNlMGFkYTk1NDY0ODFiZWQ2NThkZmM3ZjcxMjYyZjY4YzEiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVkMzJjZjgwZTQ5NDU4ZTRlZDg5N2Q2ZmNjNzU3NWNlMGFkYTk1NDY0ODFiZWQ2NThkZmM3ZjcxMjYyZjY4YzEiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c6bc5755c6646844a8e300cac5bc87acc2306e4c4c4b80929a270c01b7708256

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
last-modified
Sun, 13 Aug 2023 13:53:18 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2379881
access-control-allow-credentials
false
x-traceid
db4ac21053b3fa39fe64352f9bfcd2ba
timing-allow-origin
*, *
content-length
2126
eyJpdSI6ImU1YjQ2NGRjODk4NThlZWIyZTk1ZDg3NDdkNTM1ZDc5OGY0MjAwNTJlMDQ5ZTI1Y2M0ODFlOTQyMTA5OGQwMTIiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU1YjQ2NGRjODk4NThlZWIyZTk1ZDg3NDdkNTM1ZDc5OGY0MjAwNTJlMDQ5ZTI1Y2M0ODFlOTQyMTA5OGQwMTIiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
df578fdb7cfa4868794f149c238af7d0173925c4090c0454a214ac6a3c7e2bc5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
last-modified
Sun, 13 Aug 2023 19:52:00 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2401388
access-control-allow-credentials
false
x-traceid
32ecf4cfd9516c6c448e7976b3781001
timing-allow-origin
*, *
content-length
2056
eyJpdSI6Ijg5OTJiZTExNDE5YzJhOTMyNjkzNGMzMWFiOWNlNDAzYTk1OTZiM2M1MDc2ODM5MWQ3ODIxZjY2ZTQ3ZmU3ZDYiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg5OTJiZTExNDE5YzJhOTMyNjkzNGMzMWFiOWNlNDAzYTk1OTZiM2M1MDc2ODM5MWQ3ODIxZjY2ZTQ3ZmU3ZDYiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
32a9284c528855fe0a7713b3d136cbf6447a57ed63667c5cbe14f66006519cb3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
last-modified
Sun, 13 Aug 2023 20:45:10 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2404948
access-control-allow-credentials
false
x-traceid
ad61722252dfd95dad965405d5d81872
timing-allow-origin
*, *
content-length
1384
ecm3
s.amazon-adsystem.com/ Frame 25DD
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3350189961523764000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3350189961523764000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G04WYKQTB21E5XHY4QVK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3350189961523764000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:49:56 GMT
in
us.q2s15.com/v5/ 		2 B
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us.q2s15.com/v5/in
Requested by
Host: cdn.watchingthat.net
URL: https://cdn.watchingthat.net/us.wtat.plugin-jw_ima.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.205.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-205-49.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary72AB3oU5MpByPB9N

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 14 Aug 2023 12:49:56 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
2
vary
Origin
content-type
text/plain; charset=utf-8
ScrNykYo-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/ScrNykYo-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/ScrNykYo-120.jpg
86 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/strips/ScrNykYo-120.jpg
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85bb7b589a04b78b76ebf311878c885c83a89856e59ebae4061a944d0ed2b9a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
763
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
87112
x-served-by
cache-iad-kcgs7200077-IAD, cache-mia-kmia1760020-MIA
last-modified
Sun, 13 Aug 2023 14:07:45 GMT
server
nginx
x-timer
S1692017396.481220,VS0,VE0
etag
"8718616c1668617b4b8157fceff2cfa0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
115, 2

Redirect headers

date
Mon, 14 Aug 2023 12:48:53 GMT
via
1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-C1
age
63
x-cache
Hit from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/ScrNykYo-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
hc2YGXOKhkxuOcOsbPt8v0eyqwZmebej-6KRNMzLqOrjW0f8ZFzTvg==
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&rid=esp&cc=1
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
6b2541c52d3cdf7127c3ac76c935018f94c7280cafb00e7aca48a8d4603e1e20

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-Dbj02KGSWjjMQEVyDmrIi4NDvZ0"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 14 Aug 2023 12:49:56 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://nypost.com
location
/esp?url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 14 Aug 2023 12:49:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
/
data.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_0c63e4216cfe4fb383696453c6313332.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.2.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.2.149.34.bc.googleusercontent.com
Software
/
Resource Hash
dddf4638077ce5f0bca405063a219d921a39106985507d768c4eeb8859e1b1b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:56 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://page.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_0c63e4216cfe4fb383696453c6313332.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.244.216.63 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.216.244.35.bc.googleusercontent.com
Software
/
Resource Hash
bafc057ab257c7b3b70c1d4a8ac9dea811b129932ebe197450560d4bfcb2eee4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:56 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://view.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_0c63e4216cfe4fb383696453c6313332.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.227.254.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.254.227.35.bc.googleusercontent.com
Software
/
Resource Hash
1b8ba4868781f0b66efefdaa399da69c291235688dd9123ea45d31a44a6992da

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:56 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
Toq2ZZoq
cdn.jwplayer.com/v2/playlists/ 		124 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/Toq2ZZoq?related_media_id=ScrNykYo&page_domain=nypost.com
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:7600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
70cac5af8c6518f461619e1a96a8ee2e08f022683bca955d429abfa49652db7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:52 GMT
content-encoding
gzip
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-C1
age
4
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
20249
x-amz-cf-id
ftcjud0Xn1k-gmFWiSHTA9Y64IzUsbbAVprhEUGzdTBSfFY3TKkEeQ==
expires
Mon, 14 Aug 2023 12:50:05
encrypt
esp.rtbhouse.com/ 		265 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
69cb5404dde4842704b5d0120ae553f33e4f7a50e2f25b765254ffac34de0732

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
25d4f6385f9096edaebbdb8b269b045c
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
265
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame 3F7D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=nypost.com&us_privacy=1---
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:49:56 GMT
server
Kestrel
server-processing-duration-in-ticks
224162
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
onsite-v2_f5621c2976725f038c9eb38c5d0b25c6.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_f5621c2976725f038c9eb38c5d0b25c6.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
21655d9fabe294c06d30757dcab3766717c260d8e75e750b4135b03541dca772

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 20:26:22 GMT
content-encoding
br
age
318214
x-guploader-uploadid
ADPycdutuQCm5H4xybGOzjvBoFIBI-rqhMZOexa-fqwLu45M0N8NQZpgB1CoXhS4Ph_77eWLn3WeEAvt5Wrd-kOFXP-f0eoFh7ZS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5971
last-modified
Thu, 10 Aug 2023 20:26:14 GMT
server
UploadServer
etag
"9ffebc5293840744051e8084c779d23a"
x-goog-generation
1691699174297836
x-goog-hash
crc32c=SFjcBA==, md5=n/68UpOEB0QFHoCEx3nSOg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
5971
accept-ranges
bytes
content-type
text/javascript
ads-v2_06e78f7b51587a9fadbeab532c140800.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		247 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_06e78f7b51587a9fadbeab532c140800.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
822c116fa47de1d63672cbb1acc99bf2ea7e35ce7c498dc8e880e83e516e4ef4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 20:26:05 GMT
content-encoding
br
age
318231
x-guploader-uploadid
ADPycdu4nZfcXCabE-CHbXx4qmlRz97Ycp0tNCBEg5svZkvhGkQOAtkak55sdYp2XeecCmJU_343D23V2k9yZ0XGnE0UT3l0rcOU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44340
last-modified
Thu, 10 Aug 2023 20:25:58 GMT
server
UploadServer
etag
"5403a49b045d3ae0e5915c9e4b40c876"
x-goog-generation
1691699158661162
x-goog-hash
crc32c=RqTxGg==, md5=VAOkmwRdOuDlkVyeS0DIdg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
44340
accept-ranges
bytes
content-type
text/javascript
e381bc70310e5a66bfd79df777fbf79f.br.json
assets.bounceexchange.com/assets/gam/5850/ 		22 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/gam/5850/e381bc70310e5a66bfd79df777fbf79f.br.json
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_484755c27a072c7ddf441cedd48102db.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
65fae40aecaa4a2551aee0826fe9ff3fc02b2c92ca6ac7c21d45d6a5b0e0fe5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 22:04:09 GMT
content-encoding
br
age
225947
x-guploader-uploadid
ADPycdsMOcOcU8L0R19JInQeq5AI5pmpZ8Omf6fRgX015q00xi0aJ06AJCyPWNNrq1e7ZVtMfnovt4aK31bSga_paexsDm059ObL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5960
last-modified
Fri, 11 Aug 2023 22:03:31 GMT
server
UploadServer
etag
"dadbc7759e878a611500f49226b2e9f8"
x-goog-generation
1691791411948663
x-goog-hash
crc32c=YcLjbw==, md5=2tvHdZ6HimEVAPSSJrLp+A==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, etag
cache-control
public,max-age=31536000
x-goog-stored-content-length
5960
accept-ranges
bytes
content-type
text/plain; charset=UTF-8
sync
pippio.com/api/ Frame 4296
Redirect Chain
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=98e88688-0673-4918-b58d-6b26411ac6e7&us_privacy=1---
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a92192c3-6390-4b70-861a-56d497938f37%3A1692017396.5221553&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Da92192c3-6390-4b70...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969188718189332721&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Da92192c...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=a92192c3-6390-4b70-861a-56d497938f37%3A1692017396.5221553&pid=500040&it=1&iv=a92192c3-6390-4b70-861a-56d497938f37%3A1692017396.5221553&_=169...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1692017396.527568&iv=a92192c3-6390-4b70-861a-56d497938f37:1692017396.5221553
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1692017396.527568&iv=a92192c3-6390-4b70-861a-56d497938f37:1692017396.5221553
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01qt?s=&cim=&ps=true&ls=true&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&ppid=0&euns=1&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1692017396.527568&iv=a92192c3-6390-4b70-861a-56d497938f37:1692017396.5221553
Date
Mon, 14 Aug 2023 12:49:57 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
28292
i6.liadm.com/s/ Frame 4296
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D&us_privacy=1---
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4086215225291572915&us_privacy=1---
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1---
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RbNkiiZmUz-AGAn3HgYorfG9jDsaXKjrA4S4Hw&us_privacy=1---
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RbNkiiZmUz-AGAn3HgYorfG9jDsaXKjrA4S4Hw&us_privacy=1---&us_privacy=1---
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RbNkiiZmUz-AGAn3HgYorfG9jDsaXKjrA4S4Hw&us_privacy=1---&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01qt?s=&cim=&ps=true&ls=true&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&ppid=0&euns=1&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:fdb3:b355:1994:e0eb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RbNkiiZmUz-AGAn3HgYorfG9jDsaXKjrA4S4Hw&us_privacy=1---&us_privacy=1---
Date
Mon, 14 Aug 2023 12:49:57 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
5
35759
i6.liadm.com/s/ Frame 4296
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1---
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1---
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=885e676c-3a70-45fe-acfc-e7ad294a43e8
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=885e676c-3a70-45fe-acfc-e7ad294a43e8
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=885e676c-3a70-45fe-acfc-e7ad294a43e8
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01qt?s=&cim=&ps=true&ls=true&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&ppid=0&euns=1&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:fdb3:b355:1994:e0eb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=885e676c-3a70-45fe-acfc-e7ad294a43e8
Date
Mon, 14 Aug 2023 12:49:57 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
syncd
x.bidswitch.net/ Frame 4296 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=98e88688-0673-4918-b58d-6b26411ac6e7&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01qt?s=&cim=&ps=true&ls=true&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&ppid=0&euns=1&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
img
sync.mathtag.com/sync/ Frame 4296 		43 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=36&98e88688-0673-4918-b58d-6b26411ac6e7&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01qt?s=&cim=&ps=true&ls=true&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&ppid=0&euns=1&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.200.232.249 Frederick, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master ord ord-pixel-x49 config_version:"1969" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:56 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x49 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 14 Aug 2023 12:49:55 GMT
35004
i.liadm.com/s/ Frame 4296
Redirect Chain
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DF4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBS...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=F4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5JJFC2QTDOIZFUZ2QKNNG65TKGBDFUOKQEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK...
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=JJ-Bcr2ZgPSZovj0FZ9P&us_privacy=1---
43 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=JJ-Bcr2ZgPSZovj0FZ9P&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01qt?s=&cim=&ps=true&ls=true&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&ppid=0&euns=1&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
23.23.70.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-70-212.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Content-Type
text/html; charset=utf-8
Location
//i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=JJ-Bcr2ZgPSZovj0FZ9P&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
117
Expires
Thu, 01 Dec 1994 16:00:00 GMT
live_intent_sync
x.dlx.addthis.com/e/ Frame 4296
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=98e88688-0673-4918-b58d-6b26411ac6e7&us_privacy=1---
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=98e88688-0673-4918-b58d-6b26411ac6e7&us_privacy=1---&rd=Y
43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=98e88688-0673-4918-b58d-6b26411ac6e7&us_privacy=1---&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01qt?s=&cim=&ps=true&ls=true&duid=37577191df7a--01h7t1h0vpksc8abk7zsfr004m&ppid=0&euns=1&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Mon, 14 Aug 2023 12:49:57 GMT
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=98e88688-0673-4918-b58d-6b26411ac6e7&us_privacy=1---&rd=Y
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Mon, 14 Aug 2023 12:49:56 GMT
audiences
api.permutive.com/audience-matching/v1/id/7e514abc-0a31-4f03-90ca-baace86c2b2a/ 		12 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/7e514abc-0a31-4f03-90ca-baace86c2b2a/audiences?k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:49:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
amzns2s
rtb.gumgum.com/usync/ Frame 93CF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.116.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-116-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f44b5426e3273934f005eeff3ac530e79bc33bbe9f9ac046a393fc6e295b6d48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 14 Aug 2023 12:49:56 GMT
etag
W/"05a478b1123fa43ff2e5ee8a624f62ba6"
server
nginx
timing-allow-origin
*
feature-decisions
zephr-v4.nypost.com/zephr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/feature-decisions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.139.29.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-97.jfk50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin
https://nypost.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 14 Aug 2023 12:49:56 GMT
via
1.1 ef73a156d5c211fdbb7e4231f2a0edca.cloudfront.net (CloudFront)
x-amz-cf-id
pDt60L4hmD6kpzzCWEKz4XPM3VHGhw131rGzLKGg_iEG1BUaYg54sg==
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
feature-decisions
zephr-v4.nypost.com/zephr/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/feature-decisions
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=fff68af0505af779fefa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.139.29.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-97.jfk50.r.cloudfront.net
Software
/
Resource Hash
7f07d2473e618f397d51504108584d8e704b48cf948cea60309e7c5c7721a687

Request headers

Accept
application/json
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
br
via
1.1 45c692e896f6d5351f0f0a998ed4f588.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id
K9093gR0ZlAUrgMnqCWMfO35qaA425r3Ur6ie2z-grb6kC5-N_OX1A==
x-blaize-request
16bf02b
ads.js
static-cdn.spot.im/production/ads/tags/v22.3.0/ads/ 		209 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.3.0/ads/ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8382149949830c4a71cb4d1dc6d30676fd897b85872489c91e1b333d2b0692b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
PTn50eifMPBihN4VVEZFTblp_kQ_pW.j
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 08:09:31 GMT
last-modified
Fri, 14 Jul 2023 08:04:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
16825
x-amz-server-side-encryption
AES256
etag
W/"6297d2eda122c4cc36db128ed878ba28"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
dooIIz8GyldOo-J5Zh1mV2kj036a_dDOBJjJ5m6nHNTEPYCnBR_E_w==
ads.css
static-cdn.spot.im/production/ads/tags/v22.3.0/ads/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.3.0/ads/ads.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46cd024c098a819457a86a965c1831e29b4f107fc1fc6efdc150a768658fced6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
sui9ZmWXGhJ7TGf_9mD3DgrQHTC8FLjV
content-encoding
br
via
1.1 da8cb5b9fb94d7de03d8eaa20297debc.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 08:09:42 GMT
x-amz-cf-pop
JFK52-P1
age
16815
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 14 Jul 2023 08:04:48 GMT
server
AmazonS3
etag
W/"c47e9f8f1f372713f50ca1952b693104"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
X-X88QIw46s_tGPSPla0T3Ede6cUPEcJhbLlRs5pKCYLbV27Dw8y1Q==
map
bcp.crwdcntrl.net/6/ 		156 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.126.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-126-51.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3033d18780c31430ee49929988186914528e96a29a2a416b46639e7d77e8ef64

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nypost.com
cache-control
no-cache
x-server
10.40.9.246
access-control-allow-credentials
true
content-length
156
expires
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=&gdpr_consent=&account=11076&us_privacy=1---&gpp_sid=&gpp=
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=11076&uid=LLAVGYIH-G-GET7&us_privacy=1---
86 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=11076&uid=LLAVGYIH-G-GET7&us_privacy=1---
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=11076&uid=LLAVGYIH-G-GET7&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
db_sync
px.ads.linkedin.com/ Frame 6AFB
Redirect Chain
  • https://idsync.rlcdn.com/420046.gif?partner_uid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEtRQjh1UUZRRHlUT1pqb1ozMktaWGFpaGJiYmdQTlM1UkVCNVhXNVR1UHJmc2lWX3p1VmlKNS1FNnRCZG96alIQABoNCPTF6KYGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=5a7b2f2fa797d115ed9eab627b6556bf468f9ee5ecbec57a0c7162de5c07df17791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5a7b2f2fa797d115ed9eab627b6556bf468f9ee5ecbec57a0c7162de5c07df17791426b5417dce21&rand=05740494
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5a7b2f2fa797d115ed9eab627b6556bf468f9ee5ecbec57a0c7162de5c07df17791426b5417dce21&rand=05740494&expected_cookie=77df87ea-9b77-4e9f-a267-e06d623381da
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5a7b2f2fa797d115ed9eab627b6556bf468f9ee5ecbec57a0c7162de5c07df17791426b5417dce21&rand=05740494&expected_cookie=77df87ea-9b77-4e9f-a267-e06d623381da
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F46D9271152D4E6686EF44EC43216EA9 Ref B: MIA301000101051 Ref C: 2023-08-14T12:49:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYC4X/3igoSx1wJK7ASYw==

Redirect headers

date
Mon, 14 Aug 2023 12:49:56 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 53AB3450D91342E49EF9BC07783D8914 Ref B: MIA301000101051 Ref C: 2023-08-14T12:49:57Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=10339&puuid=5a7b2f2fa797d115ed9eab627b6556bf468f9ee5ecbec57a0c7162de5c07df17791426b5417dce21&rand=05740494&expected_cookie=77df87ea-9b77-4e9f-a267-e06d623381da
x-li-proto
http/2
content-length
0
x-li-uuid
AAYC4X/y5P5GUp5AdIVmgg==
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&initiator=ob&puid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&s=2&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=JJ-Bcr2ZgPSZovj0FZ9P&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&initiator=ob&gdpr=0&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=JJ-Bcr2ZgPSZovj0FZ9P&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&initiator=ob&gdpr=0&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache
X-TraceId
e613eef75af3e388ba100ce5493af337
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:56 GMT
Content-Type
text/html; charset=utf-8
Location
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=JJ-Bcr2ZgPSZovj0FZ9P&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&initiator=ob&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
222
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&ini...
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=6125384915149995829&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=6125384915149995829&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:56 GMT
Cache-Control
no-cache
X-TraceId
c6ff4e8582c75a799ad4877e90f47e47
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
an-x-request-uuid
ccfb89e7-0926-4a7c-89a1-c4e9bfa3a8d3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=6125384915149995829&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 6AFB
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_pd=1&gdpr_consent=
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_pd=1&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
44.195.135.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-135-11.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v049-09eb2e65b.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
lX5M1RYgTuo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-2-v049-047e8fa11.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
UT00fFwaS1Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_pd=1&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
set
sync-jp.im-apps.net/imid/ Frame 6AFB 		43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.116.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-116-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:56 GMT
Cache-Control
private, max-age=3000
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache
X-TraceId
b4bfc78603d750efbb06336df9a80b89
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
241
usermatch.gif
beacon.krxd.net/ Frame 6AFB 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
beacon-n007-ash-prod.krxd.net
date
Mon, 14 Aug 2023 12:49:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=23 t=1692017396
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
g.pixel
aa.agkn.com/adscores/ Frame 6AFB 		43 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-37.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
via
1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P3
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
ISPdmzcuHGfZXYhsoR6XfcYkDvMoN-HVLNI6pt6u5S9lJGIewBeeoQ==
expires
0
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=8759a31e-b0b9-4b35-8fbe-32318a0f4a18&gdpr=0&gdpr_consent=&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=8759a31e-b0b9-4b35-8fbe-32318a0f4a18&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache
X-TraceId
393edd8e6831d3c827456fa077715ebf
Content-Length
0

Redirect headers

location
//sync.outbrain.com/cookie-sync?p=mediaforce&uid=8759a31e-b0b9-4b35-8fbe-32318a0f4a18&gdpr=0&gdpr_consent=&us_privacy=1---
date
Mon, 14 Aug 2023 12:49:56 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=outbrain&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=969188718189332721&expires=30&ssp=outbrain
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache
X-TraceId
fcad649ba076d3fa93ae3d0561a265bc
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-...
  • https://sync.outbrain.com/cookie-sync?p=criteo&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&uid=43438add-310c-42c6-a606-2...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&uid=43438add-310c-42c6-a606-253d769a587a
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache
X-TraceId
209ab209ac9b29dda3841c9497dcf11a
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.outbrain.com/cookie-sync?p=criteo&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&uid=43438add-310c-42c6-a606-253d769a587a
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1139419
content-length
0
expires
Mon, 14 Aug 2023 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 6AFB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPH7324noyrPd5d-36-RAsQ&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=2ec00d2e-f53c-465e-92d3-2beaa816ca85
49 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-82
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7267159384384272534&gdpr=0&gdpr_consent=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7267159384384272534&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache
X-TraceId
71c696ebccae340305ae7403a290d62d
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7267159384384272534&gdpr=0&gdpr_consent=
Date
Mon, 14 Aug 2023 12:49:57 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
ps.eyeota.net/match/bounce/ Frame 6AFB
Redirect Chain
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-144-0.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:49:57 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?bid=1mpn7m0&uid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
Date
Mon, 14 Aug 2023 12:49:57 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
id.geistm.com/m/OB/ Frame 6AFB 		0
0
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=nbVMDximHKFhSA45Jmrh&pi=outbrain&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&ini...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=nbVMDximHKFhSA45Jmrh&pi=outbrain&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:58 GMT
Cache-Control
no-cache
X-TraceId
1b35ec8ea1079f34cc6da43481feb87e
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=nbVMDximHKFhSA45Jmrh&pi=outbrain&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT, Mon, 14 Aug 2023 12:49:57 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LLAVGYIH-G-GET7&obUid=&initiator=&gdpr=0&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LLAVGYIH-G-GET7&obUid=&initiator=&gdpr=0&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache
X-TraceId
f233a7b3b0230a79a748eb7a01eb483e
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LLAVGYIH-G-GET7&obUid=&initiator=&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Expires
0
tpid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame 6AFB 		49 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.126.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-126-51.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.11.169
content-length
49
expires
0
/
loadus.exelator.com/load/ Frame 6AFB
Redirect Chain
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&xl8blockcheck=1
  • https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&test={%22attributes%22:%20{},%20%22agreedId%22:%20%22%22}
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&test={%22attributes%22:%20{},%20%22agreedId%22:%20%22%22}
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-156-250.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Mon, 14 Aug 2023 12:49:57 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&test={"attributes": {}, "agreedId": ""}
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrf...
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&ini...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache
X-TraceId
4a7341e59a091a7389555225268b0ab4
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
0
Expires
0
68531A78-C812-44CF-A2C6-1C611A476111
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6AFB
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/68531A78-C812-44CF-A2C6-1C611A476111?gdpr=-1&gdpr_consent=PM_CONSENT
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/68531A78-C812-44CF-A2C6-1C611A476111?gdpr=-1&gdpr_consent=PM_CONSENT
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/68531A78-C812-44CF-A2C6-1C611A476111?gdpr=-1&gdpr_consent=PM_CONSENT
date
Mon, 14 Aug 2023 12:49:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
137
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26...
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&uid=1c5a5359-d717-4f78-844a-cd...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&uid=1c5a5359-d717-4f78-844a-cdbc0485e7ae
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache
X-TraceId
e7d0c4e72172f8f904210f64a8d87cd1
Content-Length
0

Redirect headers

date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&uid=1c5a5359-d717-4f78-844a-cdbc0485e7ae
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A&gdpr=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache
X-TraceId
e6b829efa4eaffded88e9f4a849df8aa
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A&gdpr=0
date
Mon, 14 Aug 2023 12:49:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5X...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=9ee49186-746a-4a99-b9ae-326ad01ba3bd&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_priva...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=9ee49186-746a-4a99-b9ae-326ad01ba3bd&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache
X-TraceId
ce2a94b312b01501014d78083e6a1946
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=9ee49186-746a-4a99-b9ae-326ad01ba3bd&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:49:57 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%26gd...
  • https://s.ad.smaato.net/c/?adExInit=o&cookieCheck=1
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=1d2e13731d&gdpr=0&gdpr_consent=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smaato&uid=1d2e13731d&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:58 GMT
Cache-Control
no-cache
X-TraceId
dc760a1c0771ca941904a031d278682c
Content-Length
0

Redirect headers

date
Mon, 14 Aug 2023 12:49:25 GMT
via
1.1 86a640712a72b4264f1681744fa48612.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P6
age
33
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=smaato&uid=1d2e13731d&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
2ICXyIcphyEXBYSC3iC1sB6aDuhuezuLz1yzIO3IMxLyqRpf-aRyRQ==
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DKQB8uQFQDyTOZj...
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=8978801468337922557&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smart&uid=8978801468337922557&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
no-cache
X-TraceId
d160b6d1cc48372a241fbc9ce78a0ab7
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=smart&uid=8978801468337922557&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
date
Mon, 14 Aug 2023 12:49:57 GMT
content-length
0
c.gif
c.bing.com/ Frame 6AFB 		42 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Tue, 06 Jun 2023 17:31:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 75562B3012F343918E6258D26254B853 Ref B: MIAEDGE1311 Ref C: 2023-08-14T12:49:57Z
etag
"7cd81bb49c98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://id.rlcdn.com/711945.gif?ct=4&cv=
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:58 GMT
Cache-Control
no-cache
X-TraceId
d8422aed2224a086e1b545a9c4ec69b8
Content-Length
0

Redirect headers

date
Mon, 14 Aug 2023 12:49:57 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DKQB8uQFQD...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3...
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=centro&uid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:58 GMT
Cache-Control
no-cache
X-TraceId
44c4e32ddf3adb34171dc3ecf36528be
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.outbrain.com/cookie-sync?p=centro&uid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&uid=EknLGRZPyU4JTJ1IHRuCSR0bnUsJTZtJRUSZtJSn
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&uid=EknLGRZPyU4JTJ1IHRuCSR0bnUsJTZtJRUSZtJSn
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:58 GMT
Cache-Control
no-cache
X-TraceId
4ccf5320f8d1e0c70d45f2440a4feaec
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&uid=EknLGRZPyU4JTJ1IHRuCSR0bnUsJTZtJRUSZtJSn
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%25%25VGUID%25%25%26obUid%3DKQB8uQFQDyTOZjoZ3...
  • https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=5TsF0pv5gg6c&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&ev=1&us_...
0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=5TsF0pv5gg6c&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&ev=1&us_privacy=${us_privacy}&pid=562709
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:58 GMT
Content-Length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=5TsF0pv5gg6c&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&ev=1&us_privacy=${us_privacy}&pid=562709
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f79b8d6bf-rnvd6
expires
-1
6.gif
id5-sync.com/c/164/108/4/ Frame 6AFB
Redirect Chain
  • https://id5-sync.com/s/164/9.gif?puid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://id5-sync.com/c/164/164/9/1.gif?puid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F441%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/164/441/8/2.gif?puid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttl=%%TTL%%
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F203%2F6%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/164/203/6/4.gif?puid=43438add-310c-42c6-a606-253d769a587a&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F429%2F5%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/164/429/5/5.gif?puid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/164/108/4/6.gif?puid=729e4ab9-4626-4c72-9437-f28f3a88b1bb&gdpr=0&gdpr_consent=
0
0
cookie-sync
sync.outbrain.com/ Frame 6AFB
Redirect Chain
  • https://cm.rtbsystem.com/usermatch/ob?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drtbsystem%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%7Buserid%7D%26initiator%3Dob%2...
  • https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=0&gdpr_consent=&us_privacy=1---&uid=21076d1d-881b-545d-814c-ba9e644f7f34&initiator=ob&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zu...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=0&gdpr_consent=&us_privacy=1---&uid=21076d1d-881b-545d-814c-ba9e644f7f34&initiator=ob&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:58 GMT
Cache-Control
no-cache
X-TraceId
57b869bfae38ff14ffa579c3635369f2
Content-Length
0

Redirect headers

date
Mon, 14 Aug 2023 12:49:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1U5WHsV0ntetIFfLJxPKmS0py2iCE%2F24NuraUO31dSnkrHLvVr6FgbHPcyocfCsEfj1Titu1KvzHvsNRAvlj1PCS0GlDOdZKc9d2ZeIdTra4SEuZTopYfuP9vpWTnLC0sMCmg0hg7U5MeI%2FfMSxU"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=0&gdpr_consent=&us_privacy=1---&uid=21076d1d-881b-545d-814c-ba9e644f7f34&initiator=ob&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
cf-ray
7f6952222f3ada8f-MIA
alt-svc
h3=":443"; ma=86400
spt
tg1.unrulyvideo.com/api/adserver/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.unrulyvideo.com/api/adserver/spt?AV_TAGID=62af35d851923c62777207b4&AV_PUBLISHERID=603f65a2e291680ef30af9c7&AV_CDIM10=622640
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:b800:38::1701:2198 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6a9c7db7515df74d106c7143e79feb5d6b469a9259dc9f3554bf86d91355ef19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

X-Bamboo-C-SkSt
1
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
Date
Mon, 14 Aug 2023 12:49:56 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Vary
Accept-Encoding
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length
6275
Expires
Mon, 14 Aug 2023 12:54:56 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=603f65a2e291680ef30af9c7&cid=6265145b67ce6a604d44ebf5&cb=1692017396539&r=nypost.com&stagid=62af35d851923c62777207b4&stplid=&cd10=622640&e=c9&cd11=3-getSiteData
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.193.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-193-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=603f65a2e291680ef30af9c7&cid=6265145b67ce6a604d44ebf5&cb=1692017396540&r=nypost.com&stagid=62af35d851923c62777207b4&stplid=&cd10=622640&e=c9&cd11=4-loadStudio
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.193.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-193-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 92A6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
09a75ddba1c72c4a0d225d4039e9c856934811938facfd833e7ab20be1792e8e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1972
Content-Type
text/html
Date
Mon, 14 Aug 2023 12:49:56 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 14 Aug 2023 12:49:56 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
match.sharethrough.com/jwumXNuB/v1/ Frame 589C 		427 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.20.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-20-208.compute-1.amazonaws.com
Software
/
Resource Hash
aa8e08269090ad710622a296f27968a3cd2f465ccec632429e822bc7f1278818

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
427
date
Mon, 14 Aug 2023 12:49:56 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 01F1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34070
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 14 Aug 2023 12:49:56 GMT
expires
Mon, 14 Aug 2023 22:17:46 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
ms-cookie-sync.presage.io/amazon/ Frame 6D9C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-57.ewr50.r.cloudfront.net
Software
/ Express
Resource Hash
ecc2a725e508d883ba357c285bee88d1765ba0672e36d85b1a38a7bcb49c5f00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 14 Aug 2023 12:49:56 GMT
Expires
0
Pragma
no-cache
Surrogate-Control
no-store
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 64142199656297b56ef863f9ccc0c102.cloudfront.net (CloudFront)
X-Amz-Cf-Id
q4XZ8Hj1RNBgsJOprF_OFpUikCsrXgKopA-HURf-AWgPC2dfmWueEA==
X-Amz-Cf-Pop
EWR50-C1
X-Cache
Miss from cloudfront
X-Powered-By
Express
usync.html
eus.rubiconproject.com/ Frame 7D8D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:49:56 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1734454408&e=e&n=4863187321606868&abc=0&abt=128_sendDomainToFeedsOn&aid=wExvYnLyEeyygEIIgluVXw&amp=0&ask=FTyzwZMf&at=1&c=1&ccp=0&cp=0&d=1&eb=0&ed=6&emi=1bm2gucf42io&i=0&id=ScrNykYo&lid=fv1g2g1ei5g1&lsa=read&mt=1&pbd=1&pbr=1&pgi=165shgxsi7j7&ph=1&pid=SPdDOYds&pii=0&pl=413&plc=1&pli=11ybb8kg0o77&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&pu=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&pv=8.27.1&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Today%27s%20Video%20Headlines%3A%208%2F13%2F23&tv=3.43.0&vb=1&vi=0.92&vl=90&wd=734&ab=1&cae=0&cb=0&cdid=jw-player-SPdDOYds-W5xXwQyA&cme=0&dd=0&fed=W5xXwQyA&flc=1&fv=&ga=1&lng=en-US&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FScrNykYo.m3u8&pbc=0&pd=2&pdr=&plng=en-US&plt=4300&pni=1&po=0&pogt=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%2C%20documents%20reveal&rf=%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2FToq2ZZoq%3Frelated_media_id%3DMEDIAID&sn=%7B%22name%22%3A%22nyp%22%2C%22url%22%3A%22https%3A%2F%2Fnypost.com%2Fwp-content%2Fplugins%2Fnyp-video-player%2Fbuild%2Fcss%2Fjw-player-skin.min.css%3F4b14b722bb788c325d45%22%7D&sp=0&st=2340&sa=1692017395574
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760020-MIA
date
Mon, 14 Aug 2023 12:49:56 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=977817972&e=pa&n=5057833009451533&abc=0&abt=128_sendDomainToFeedsOn&aid=wExvYnLyEeyygEIIgluVXw&amp=0&ask=FTyzwZMf&at=1&c=1&ccp=0&cp=0&d=1&eb=0&ed=6&emi=1bm2gucf42io&i=0&id=ScrNykYo&lid=fv1g2g1ei5g1&lsa=read&mt=1&pbd=1&pbr=1&pgi=165shgxsi7j7&ph=1&pid=SPdDOYds&pii=0&pl=413&plc=1&pli=11ybb8kg0o77&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&pu=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&pv=8.27.1&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Today%27s%20Video%20Headlines%3A%208%2F13%2F23&tv=3.43.0&vb=1&vi=0.92&vl=90&wd=734&ab=1&cme=0&fed=W5xXwQyA&flc=1&lng=en-US&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FScrNykYo.m3u8&pd=2&pdr=&plng=en-US&pni=1&pogt=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%2C%20documents%20reveal&pr=2&tb=0&vd=54&sa=1692017396600
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760020-MIA
date
Mon, 14 Aug 2023 12:49:56 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=185536612&e=ar&n=2835113760094765&abc=1&abt=128_sendDomainToFeedsOn&aid=wExvYnLyEeyygEIIgluVXw&amp=0&ask=FTyzwZMf&at=1&c=1&ccp=0&cp=0&d=1&eb=0&ed=6&emi=1bm2gucf42io&i=0&id=ScrNykYo&lid=fv1g2g1ei5g1&lsa=read&mt=1&pbd=1&pbr=1&pgi=165shgxsi7j7&ph=1&pid=SPdDOYds&pii=0&pl=413&plc=1&pli=11ybb8kg0o77&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&pu=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&pv=8.27.1&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Today%27s%20Video%20Headlines%3A%208%2F13%2F23&tv=3.43.0&vb=1&vi=0.92&vl=90&wd=734&ab=1&abid=n7tesuc6j9d5&adi=n7tesuc6j9d5&apid=n7tesuc6j9d5&awi=1&awc=1&p=0&pc=0&pi=0&pr=2&vu=securepubads.g.doubleclick.net&apt=1&fed=W5xXwQyA&rtp=%7B%7D&sa=1692017396614
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760020-MIA
date
Mon, 14 Aug 2023 12:49:56 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nypost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=139449200&e=bs&n=4436828480863546&abc=1&abt=128_sendDomainToFeedsOn&aid=wExvYnLyEeyygEIIgluVXw&amp=0&ask=FTyzwZMf&at=1&c=1&ccp=0&cp=0&d=1&eb=0&ed=6&emi=1bm2gucf42io&i=0&id=ScrNykYo&lid=fv1g2g1ei5g1&lsa=read&mt=1&pbd=1&pbr=1&pgi=165shgxsi7j7&ph=1&pid=SPdDOYds&pii=0&pl=413&plc=1&pli=11ybb8kg0o77&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&pu=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&pv=8.27.1&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Today%27s%20Video%20Headlines%3A%208%2F13%2F23&tv=3.43.0&vb=1&vi=0.92&vl=90&wd=734&fed=Toq2ZZoq&fid=5d01c429-e0cf-49c6-bde9-22366191105d&ft=FEED&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FScrNykYo.m3u8&os=1&sa=1692017396696
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760020-MIA
date
Mon, 14 Aug 2023 12:49:56 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
usersync
usersync.gumgum.com/ Frame 93CF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6125384915149995829
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6125384915149995829
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
an-x-request-uuid
39456f8e-b4b3-4ae0-b208-27a4378530b4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=6125384915149995829
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 93CF 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie-sync
sync.outbrain.com/ Frame 93CF
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&obuid=ENC(KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:58 GMT
Cache-Control
no-cache
X-TraceId
92226ea46061f08aefc7330a786bd505
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
241
usersync
usersync.gumgum.com/ Frame 93CF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=5b76de2e-80ec-4ad2-805e-8ffc746e21c3
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=5b76de2e-80ec-4ad2-805e-8ffc746e21c3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=5b76de2e-80ec-4ad2-805e-8ffc746e21c3
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 93CF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69
Date
Mon, 14 Aug 2023 12:49:57 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 93CF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-g0h5iOhE2pdGVwTOIN5GymOFzUzRgGbF9SSs~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-g0h5iOhE2pdGVwTOIN5GymOFzUzRgGbF9SSs~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 14 Aug 2023 12:49:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-g0h5iOhE2pdGVwTOIN5GymOFzUzRgGbF9SSs~A
content-length
0
usersync
usersync.gumgum.com/ Frame 93CF
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4
Date
Mon, 14 Aug 2023 12:49:57 GMT
Connection
keep-alive
X-CI-RTID
331cb279-3aa5-49b2-a5a4-d98c7f3e9be0
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 93CF
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=2129E09A41B14F3196FBE4892007BDC9
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=2129E09A41B14F3196FBE4892007BDC9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 14 Aug 2023 12:49:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://usersync.gumgum.com/usersync?b=snc&i=2129E09A41B14F3196FBE4892007BDC9
access-control-allow-origin
https://rtb.gumgum.com/
x-varnish
786156647
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 93CF 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:49:56 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 93CF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVFEULKCMNZDEWTHKBJVU33WNIYEMWRZKA
  • https://usersync.gumgum.com/usersync?b=zem&i=JJ-Bcr2ZgPSZovj0FZ9P
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=JJ-Bcr2ZgPSZovj0FZ9P
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=JJ-Bcr2ZgPSZovj0FZ9P
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 93CF
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=9ee49186-746a-4a99-b9ae-326ad01ba3bd
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=9ee49186-746a-4a99-b9ae-326ad01ba3bd
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=9ee49186-746a-4a99-b9ae-326ad01ba3bd
access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:49:57 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 93CF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=5TsF0pv5gg6c&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=5TsF0pv5gg6c&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=5TsF0pv5gg6c&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f79b8d6bf-rnvd6
expires
-1
usersync
usersync.gumgum.com/ Frame 93CF
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3638863415130825203
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3638863415130825203
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3638863415130825203
date
Mon, 14 Aug 2023 12:49:56 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 93CF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GQS8M42SXYABGVB3C8PF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
visitormatch
bh.contextweb.com/ Frame F454
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
e6d7cdc0e48a00ec3c1470d275f7ae086c3b20237d22ee648738b5ff27d34c11
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6f79b8d6bf-rnvd6
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-6f79b8d6bf-rnvd6
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 09E2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1SX2JHaWZWRTJ1SkJjUkZLRkhQX2RDbnBxTkM5VWJYS35B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1SX2JHaWZWRTJ1SkJjUkZLRkhQX2RDbnBxTkM5VWJYS35B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:49:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
GH454RE88SGVCGJS5N61

Redirect headers

age
0
content-length
0
date
Mon, 14 Aug 2023 12:49:56 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1SX2JHaWZWRTJ1SkJjUkZLRkhQX2RDbnBxTkM5VWJYS35B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.75
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame 74B7 		693 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3a457efb10b3a5870e08f51aa64c8dde162aed9176abf6c048829b52ddbab1f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
402
content-type
text/html
date
Mon, 14 Aug 2023 12:49:56 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 32F3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=6125384915149995829&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6125384915149995829&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:49:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
TFXBC3443YXNT8E2QBCY

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
5f29bf1b-f9b1-41e5-8da3-fdf8431d3cd6
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:49:56 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=6125384915149995829&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
jquery.js
nypost.com/wp-includes/js/jquery/ Frame C321 		282 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/jquery/jquery.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=fff68af0505af779fefa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 19:46:09 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"64d29b81-46758"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
embed.bundle.min.js
nypost.com/wp-content/plugins/nyp-zephr/build/ Frame C321 		193 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-zephr/build/embed.bundle.min.js?ver=fff68af0505af779fefa
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=fff68af0505af779fefa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2ac99eac10f56ef7bbcbba6c1042b6fd053ec0b2dc0eb27cc72cfe67b49718aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 08 Aug 2023 18:47:49 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"64d28dd5-30588"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame C321 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=fff68af0505af779fefa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
625
age
8796638
cdn-cachedat
07/15/2022 17:39:48
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
fd988eff7e18a1438cab136d55eb10e6
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7f69521aee3531f8-MIA
cdn-requestpullsuccess
True
uel0ekt.css
use.typekit.net/ Frame C321 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/uel0ekt.css
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=fff68af0505af779fefa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bd65610919da8526de9e3bb65a1ef9414a83990e0c5e7c275392627e6a43bc63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 14 Aug 2023 12:49:56 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1047
63237e73b55d8.png
media.sailthru.com/6uu/1k6/9/f/ Frame C321 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.sailthru.com/6uu/1k6/9/f/63237e73b55d8.png
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=fff68af0505af779fefa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-37.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5547ff8e64fb15bda9d94f9d8c28f7dd20c79de2cbcd64f954a5d079a7704315

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 11:34:40 GMT
Via
1.1 e23983892b1c8fb4d47f943c0ee29028.cloudfront.net (CloudFront)
Last-Modified
Thu, 15 Sep 2022 19:35:16 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P4
Age
35012
ETag
"a9599a3896cc5133e1d3d010b0e57888"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
117529
X-Amz-Cf-Id
QJqVf-kRxj2pSWphNvD9RGGPuwMyG6edxV6c8fz630EqFGr-C_LeMA==
63237e7d45722.png
media.sailthru.com/6uu/1k6/9/f/ Frame C321 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.sailthru.com/6uu/1k6/9/f/63237e7d45722.png
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=fff68af0505af779fefa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-37.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54e8767ac25a959fb54be018ff5c4930b775a7b497aa6dea85ba223ab9fbf0b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 09:05:41 GMT
Via
1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
Last-Modified
Thu, 15 Sep 2022 19:35:26 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P4
Age
13456
ETag
"be2b46860daef5a611958f78582c7df7"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108242
X-Amz-Cf-Id
oAc7jelaVimW_EyBeIxn-uGmh2K__q2JT-ap8yfH6EJbmnXhgaTieA==
63237e73b55d8.png
media.sailthru.com/6uu/1k6/9/f/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.sailthru.com/6uu/1k6/9/f/63237e73b55d8.png
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=fff68af0505af779fefa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-37.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5547ff8e64fb15bda9d94f9d8c28f7dd20c79de2cbcd64f954a5d079a7704315

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 11:34:40 GMT
Via
1.1 8ee187646f657ced7afa83005e9249cc.cloudfront.net (CloudFront)
Last-Modified
Thu, 15 Sep 2022 19:35:16 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P4
Age
35012
ETag
"a9599a3896cc5133e1d3d010b0e57888"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
117529
X-Amz-Cf-Id
6QH-3jprhAvZMDYPNQ3yNl3RylAvOQaxYoBmT8O7qk08J4sNchE-pw==
63237e7d45722.png
media.sailthru.com/6uu/1k6/9/f/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.sailthru.com/6uu/1k6/9/f/63237e7d45722.png
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=fff68af0505af779fefa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-37.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54e8767ac25a959fb54be018ff5c4930b775a7b497aa6dea85ba223ab9fbf0b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 09:05:41 GMT
Via
1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront)
Last-Modified
Thu, 15 Sep 2022 19:35:26 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P4
Age
13456
ETag
"be2b46860daef5a611958f78582c7df7"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108242
X-Amz-Cf-Id
rkhZvqj36HTNAh1MSQFMo6_8jzBlO4ObY4zfnpDZCWDoeECbDYlMdw==
sid
mug.criteo.com/ Frame 3F7D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=nypost.com&sn=ChromeSyncframe&so=0&topUrl=nypost.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=ItI8GnxEZGpQSnFMK3B6OStqb2JUU2NodlJvcGNqMVhERFZ3cVgrbEk0c3ArYS9FajZUMEcrMmFESTVpSVBmNndkTFBicFg4cWxSYy9Nc2RCaWlJMnMzcTNsd0JkR2Flcm9lZnF4NlB2TTZGNW0xaW1xWlRoYUtxY3BMbW...
433 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ItI8GnxEZGpQSnFMK3B6OStqb2JUU2NodlJvcGNqMVhERFZ3cVgrbEk0c3ArYS9FajZUMEcrMmFESTVpSVBmNndkTFBicFg4cWxSYy9Nc2RCaWlJMnMzcTNsd0JkR2Flcm9lZnF4NlB2TTZGNW0xaW1xWlRoYUtxY3BMbWllRFdMbjFueGtKejZWNnQ5Q0ZXdmpFYldnSWZMMGJ1SlpJK2JHcnNicGVYZUlqOFlQQkVwVElCUFllK1RiS25USERtdXovWURXbnFVbTA2N3hXWlFWT01YR24rMW9aNkVSV0hMSTVJbWhUbkU0QkZDMW8wd1FNQzE4RVBlc2hRcklJMjhxNlhKMlBXSXNNd1dsVmxOVXoyWWxBa0hXdz09fA&cppv=2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
768baa590e2ee9426373fc093573c4efb99a76db192592051578e2ad47d511a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1205990
expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=ItI8GnxEZGpQSnFMK3B6OStqb2JUU2NodlJvcGNqMVhERFZ3cVgrbEk0c3ArYS9FajZUMEcrMmFESTVpSVBmNndkTFBicFg4cWxSYy9Nc2RCaWlJMnMzcTNsd0JkR2Flcm9lZnF4NlB2TTZGNW0xaW1xWlRoYUtxY3BMbWllRFdMbjFueGtKejZWNnQ5Q0ZXdmpFYldnSWZMMGJ1SlpJK2JHcnNicGVYZUlqOFlQQkVwVElCUFllK1RiS25USERtdXovWURXbnFVbTA2N3hXWlFWT01YR24rMW9aNkVSV0hMSTVJbWhUbkU0QkZDMW8wd1FNQzE4RVBlc2hRcklJMjhxNlhKMlBXSXNNd1dsVmxOVXoyWWxBa0hXdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
271877
content-length
0
expires
0
usersync
usersync.gumgum.com/ Frame 32DD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZNoi9QAIevMY0AAN
  • https://usersync.gumgum.com/usersync?b=atm&i=ZNoi9QAIevMY0AAN&gdpr=&gdpr_consent=&_test=ZNoi9QAIevMY0AAN
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZNoi9QAIevMY0AAN&gdpr=&gdpr_consent=&_test=ZNoi9QAIevMY0AAN
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:49:57 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 14 Aug 2023 12:49:57 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZNoi9QAIevMY0AAN&gdpr=&gdpr_consent=&_test=ZNoi9QAIevMY0AAN
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mia-kmia1760097-MIA
x-timer
S1692017397.057760,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame B527 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84NjY3NWEyZS0xZmEzLTRkNGEtOGRmMy03Nzc0ZjJmYzA2OTc=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:49:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A8B5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34070
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 14 Aug 2023 12:49:56 GMT
expires
Mon, 14 Aug 2023 22:17:46 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame ECA0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=885e676c-3a70-45fe-acfc-e7ad294a43e8
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=885e676c-3a70-45fe-acfc-e7ad294a43e8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:49:57 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Mon, 14 Aug 2023 12:49:56 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=885e676c-3a70-45fe-acfc-e7ad294a43e8
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 6AD3
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:49:57 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 14 Aug 2023 12:49:57 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
4
X-SO-Cluster-ID
0
X-SO-HostName
m-ad349.dc4p.scaleout.jp
X-SO-IP
38.132.118.69
X-SO-Key
ZNoi9cCo8X8AAGiFsigAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.69","key":"ZNoi9cCo8X8AAGiFsigAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad349"}
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad349
7567b56bcfff0528283ebff56692c7612ca91a6
rebelhen.com/2d7d64b0ea712/ 		3 KB
944 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rebelhen.com/2d7d64b0ea712/7567b56bcfff0528283ebff56692c7612ca91a6
Requested by
Host: rebelhen.com
URL: https://rebelhen.com/v2csnUsFoH1XR1oW51-C6NQBdGmIS6hRimi-eyRebi0VRmqDrwM_hCHQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
fc33f3f191b216e95a86146f0bc9afa4600c1c2d52ef3bf2ffd67b03c2a419a8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Mon, 14 Aug 2023 12:49:56 GMT
x-buildnumber
960914163
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
918
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
x-hostname
fen-hoothoot-us-east1-test-jrrc
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
ecm3
s.amazon-adsystem.com/ Frame A49A
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=689661242672352996219
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=689661242672352996219
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:49:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1Z6507N0D9SC1TRGXGS9

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 14 Aug 2023 12:49:57 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=689661242672352996219
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ecm3
s.amazon-adsystem.com/ Frame 589C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=2e7556fa-d433-4e40-9dcf-8adfe374e481
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5DRFDJHP3HGDGFAB9DAT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 589C
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID
0
0
v1
match.sharethrough.com/sync/ Frame 589C
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.214.20.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-20-208.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 589C
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6125384915149995829
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6125384915149995829
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.214.20.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-20-208.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
an-x-request-uuid
9862dbf0-7112-4bec-bb90-6103fcd081ff
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6125384915149995829
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 589C
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.214.20.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-20-208.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
gumgum
cs.admanmedia.com/sync/ Frame 783A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usermatchredir
ssum-sec.casalemedia.com/ Frame 0641 		43 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:49:56 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 9927
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=nbVMDximHKFhSA45Jmrh&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=nbVMDximHKFhSA45Jmrh&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:49:57 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 14 Aug 2023 12:49:57 GMT Mon, 14 Aug 2023 12:49:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=nbVMDximHKFhSA45Jmrh&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 2EA6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:49:57 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 14 Aug 2023 12:49:57 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ecm3
s.amazon-adsystem.com/ Frame 6D9C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ogury.com&id=92facfc4-3510-4a84-be3c-4a9e5b742301
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
731HKY84DKKFM4PKPYKR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bid-switch
ms-cookie-sync.presage.io/v1/init-sync/ Frame 6D9C 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/v1/init-sync/bid-switch?iab_string=undefined&web_uid=92facfc4-3510-4a84-be3c-4a9e5b742301&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-57.ewr50.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:56 GMT
Via
1.1 64142199656297b56ef863f9ccc0c102.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR50-C1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Wed, 02 Aug 2023 09:57:27 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
raq50Fu-ZSTP_1Rt8VV02pP898LCB8vIc1wWllBUENldg35pSRvUMw==
Expires
0
init-sync
ms-cookie-sync.presage.io/ttd/ Frame 6D9C 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/ttd/init-sync?iab_string=undefined&web_uid=92facfc4-3510-4a84-be3c-4a9e5b742301&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-57.ewr50.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Via
1.1 64142199656297b56ef863f9ccc0c102.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR50-C1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Wed, 02 Aug 2023 09:57:27 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
NTbbd9SB5zqBJGA-AF0AESxTnMubJhHD0MGa8aY3Lm705vGtRY2nIg==
Expires
0
init-sync
ms-cookie-sync.presage.io/xandr/ Frame 6D9C 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/xandr/init-sync?iab_string=undefined&web_uid=92facfc4-3510-4a84-be3c-4a9e5b742301&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-57.ewr50.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Via
1.1 64142199656297b56ef863f9ccc0c102.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR50-C1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Wed, 02 Aug 2023 09:57:27 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
C4FETmmeLx-Za1pd0KcUXQ6HhOJSkZ9w0_RK1ORikUmEY76O-qR_Cw==
Expires
0
usync.js
eus.rubiconproject.com/ Frame 7D8D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79174ee77b6396cce4fcb7cb25caa2eef27936e6d5dc920a88ea4dfe47e179cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Aug 2023 09:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75190
Connection
keep-alive
Content-Length
10116
Expires
Tue, 15 Aug 2023 09:43:07 GMT
ecm3
s.amazon-adsystem.com/ Frame 74B7 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=f49d0623-b453-c97e-272b-1d86d40deb65
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5AGV6RWTS83MD10YF18N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
388c1c1a-3855-e0cd-d6f2-89e44369edcc
pr-bh.ybp.yahoo.com/sync/openx/ Frame 74B7 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/388c1c1a-3855-e0cd-d6f2-89e44369edcc?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 74B7 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=f49d0623-b453-c97e-272b-1d86d40deb65
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X3Z35MWQY3SEQD1CW01H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 74B7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=ac4b7a5e-a8f9-7284-e725-9f11bc3e2085&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttd_puid=ac4b7a5e-a8f9-7284-e725-9f11bc3e2085&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttd_puid=ac4b7a5e-a8f9-7284-e725-9f11bc3e2085&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttd_puid=ac4b7a5e-a8f9-7284-e725-9f11bc3e2085&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 74B7 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODAyNGE5OTQtNjE4ZS0yYzIwLWYyYzUtYzVhODc2ZGNlZWU1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 74B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJPUXmYjtUuOnEaEzHaoiis&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJPUXmYjtUuOnEaEzHaoiis&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJPUXmYjtUuOnEaEzHaoiis&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 92A6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZNoi9Ggn7zBNSI16aEKdmQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN9If2Mz8By4UQ2Yjy2CZQY&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN9If2Mz8By4UQ2Yjy2CZQY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN9If2Mz8By4UQ2Yjy2CZQY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 92A6 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8DKXB1M26Z56C8CQZMGR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 92A6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&expiration=1694609397&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&expiration=1694609397&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&expiration=1694609397&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 92A6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPZqk2iPNgWd3K8DEkaAXDU&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPZqk2iPNgWd3K8DEkaAXDU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPZqk2iPNgWd3K8DEkaAXDU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 92A6
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662107587176078
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662107587176078
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
2053
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662107587176078
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f69521ffc4f0971-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 92A6 		43 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZNoi9Ggn7zBNSI16aEKdmQAA%263515&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1692017397544099-119
crum
dsum-sec.casalemedia.com/ Frame 92A6
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1707914997&external_user_id=7f3a6ff6-5c0d-4ed7-9bd4-46c2c860ad36
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1707914997&external_user_id=7f3a6ff6-5c0d-4ed7-9bd4-46c2c860ad36
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Mon, 14 Aug 2023 12:49:57 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1707914997&external_user_id=7f3a6ff6-5c0d-4ed7-9bd4-46c2c860ad36
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
CookieIndex
rtb.adentifi.com/ Frame 92A6 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.180.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-180-243.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
ecm3
s.amazon-adsystem.com/ Frame 92A6 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1J8F5G19FZWWD8V3Z937
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame B812 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
1242
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
gzip
content-length
1073
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 12:29:15 GMT
etag
"01c502a2c723b122c59807a66cd8a278"
last-modified
Thu, 10 Aug 2023 20:25:52 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1691699152038244
x-goog-hash
crc32c=PJ2Zzg== md5=AcUCoscjsSLFmAembNiieA==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1073
x-guploader-uploadid
ADPycdv3dydBIlAJvwYQ1cvauv9Qmmh696iCSuguMsuufQ2Ky8OWxclB-fK0L4pS-Q3Z2TalsGoc_2XahGxB8MgrRDtIAYcvNdgA
pd
google-bidout-d.openx.net/w/1.0/ Frame 3401 		630 B
722 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
29d00e73ab0c3dfb89f382f04d07751de82c28a7f0df8a639fd1999461439686

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
408
content-type
text/html
date
Mon, 14 Aug 2023 12:49:57 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame C1C0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
  • https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:49:57 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 14 Aug 2023 12:49:57 GMT
location
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame 923A 		610 B
813 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=false&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.5 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
2ea060e12edc14d61585386c06cadb21b1fa835a7fade5425fff2eebae71d2ad

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
610
content-type
text/html
date
Mon, 14 Aug 2023 12:49:56 GMT
rtset
bh.contextweb.com/bh/ Frame F454
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=X083Vk1Zd19pdm1kT3lHZjNWMFdpZw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESENgf9zI1fhutulcPNK82ZsE&google_cver=1
49 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESENgf9zI1fhutulcPNK82ZsE&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f79b8d6bf-rnvd6
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESENgf9zI1fhutulcPNK82ZsE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame F454
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=1472597dc333103b&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAMuSdE6J2eqwM2r_QWAAAAAAA&expiration=1692103797&nuid=&is_secure=true
49 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAMuSdE6J2eqwM2r_QWAAAAAAA&expiration=1692103797&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f79b8d6bf-rnvd6
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAMuSdE6J2eqwM2r_QWAAAAAAA&expiration=1692103797&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame F454 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=5TsF0pv5gg6c&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NZYG10ZP2D3FWHJYG9QZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1-...
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26acc...
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
86 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Date
Mon, 14 Aug 2023 12:49:58 GMT
Server
Tengine
ETag
RX8473adf21b894704a0afee0cafa92d52005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Content-Type
text/html
Connection
keep-alive
in
us.q2s15.com/v5/ 		2 B
170 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us.q2s15.com/v5/in
Requested by
Host: cdn.watchingthat.net
URL: https://cdn.watchingthat.net/us.wtat.plugin-jw_ima.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.205.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-205-49.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryhRTxz23lWEl70aXM

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 14 Aug 2023 12:49:57 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
2
vary
Origin
content-type
text/plain; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 01F1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37049282&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8d92888f97786ff2dbcd8bcc59145cff3c6872ccd3543f508cbdc3fbc87f4471

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 14 Aug 2023 12:49:55 GMT
content-length
1744
content-type
text/html; charset=UTF-8
sync
ups.analytics.yahoo.com/ups/58294/ Frame 3401 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=828ff9d7-7093-48cd-b402-5e1b2b9dd4ec
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame 3401
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=f98d0538-65be-44e4-b85c-1fe285a5415d
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f98d0538-65be-44e4-b85c-1fe285a5415d
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f98d0538-65be-44e4-b85c-1fe285a5415d
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f98d0538-65be-44e4-b85c-1fe285a5415d
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 3401
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6125384915149995829
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6125384915149995829
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
an-x-request-uuid
026be577-ac30-49fa-9747-8eda601168e9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6125384915149995829
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3401
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4086215225291572915&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4086215225291572915&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4086215225291572915&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 3401
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZNoi9QAIevMY0AAN
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZNoi9QAIevMY0AAN
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760097-MIA
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692017398.721760,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZNoi9QAIevMY0AAN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
track
servt.unrulyvideo.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.unrulyvideo.com/track?pid=603f65a2e291680ef30af9c7&cid=63270a3c111cb340ec60ce24&cb=1692017397376&r=nypost.com&stagid=62af35d851923c62777207b4&stplid=62b08bd1ff25cd1ac30f2fb8&d35=&cd10=622640&e=playerLoaded
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.157.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-157-77.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
test.html
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame 55A3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=3ebbb7b7-7e3b-46d4-93bf-dc08b9e67ea7
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
686
content-type
text/html
date
Mon, 14 Aug 2023 12:49:57 GMT
etag
"1e015194a0e596827cb8971f884eb43c:1692004929.054785"
expires
Mon, 21 Aug 2023 12:49:57 GMT
last-modified
Mon, 14 Aug 2023 08:42:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame E59F 		416 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
416
content-type
text/html
date
Mon, 14 Aug 2023 12:49:57 GMT
etag
"c0311cf15c21ddda054005e92fad3f9e:1692004925.442736"
expires
Mon, 21 Aug 2023 12:49:57 GMT
last-modified
Mon, 14 Aug 2023 08:42:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 13 Sep 2023 12:49:57 GMT
date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1673369415.187551"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
access-control-request-headers
X-OB-STG,X-OB-PRD
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 13 Sep 2023 12:49:57 GMT
date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=962659e3470d5c019441c226aca1ad93_770_1692017395985&tm=2520&eT=0&widgetWidth=734&widgetHeight=33&widgetX=268&widgetY=3530&wRV=2010414&pVis=0&lsd=3ebbb7b7-7e3b-46d4-93bf-dc08b9e67ea7&eIdx=&ccpa=1---&rtt=1459&oo=false&lo=3105&obreq=2938&mvreq=4649&mvres=6107&cet=4g&to=1692017391278.3&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
023fe55180a228be3e3b131d2c3da448
Content-Length
6
obPvTracker.js
widgets.outbrain.com/external/publishers/common/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/external/publishers/common/obPvTracker.js?advId=00c0feecc40196b47a738de28ad44794ac
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
09bba9c244cbc0f1c1f93f3c4033b7e71d34a8dbeee3c754a36ddcba0e329ab8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
gzip
content-length
836
last-modified
Mon, 14 Aug 2023 10:18:04 GMT
server
AkamaiNetStorage
etag
"07a0f9eaad525afd418f644b5cf0e3be:1692008383.078845"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 14 Aug 2023 16:49:57 GMT
obConversionTracker.js
widgets.outbrain.com/external/publishers/common/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/external/publishers/common/obConversionTracker.js?selector=.buy-button,.article-list__stream-link&name=Buy%20now%20click
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
44529f30aa6017da84c45718df1a0a4b0fb44cbb187c1fd80e33bbd6077067cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
gzip
content-length
999
last-modified
Mon, 14 Aug 2023 10:18:04 GMT
server
AkamaiNetStorage
etag
"ae89148ab5231afecd4a9f41414daad5:1692008381.764469"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 14 Aug 2023 16:49:57 GMT
userZapping.js
widgets.outbrain.com/nanoWidget/2010414/module/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010414/module/userZapping.js?e=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
15676f8492c8e8fc815f4cc5326ae80a1e42512ce45a7f2f8e8fdf12879cc6e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
gzip
content-length
7134
last-modified
Mon, 14 Aug 2023 08:42:45 GMT
server
AkamaiNetStorage
etag
"5ab305f7cc8c3e87e03fc21fc2c5fc99:1692003909.875869"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 21 Aug 2023 12:49:57 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=1f540418900875db86133ee7ff09261b_770_1692017396113&tm=2545&eT=0&widgetWidth=728&widgetHeight=295&widgetX=271&widgetY=3576&wRV=2010414&pVis=1&lsd=3ebbb7b7-7e3b-46d4-93bf-dc08b9e67ea7&eIdx=&ccpa=1---&oo=false&lo=3105&obreq=2938&mvreq=4649&mvres=6138&re=6150&cet=4g&cs=5&to=1692017391278.3&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
8d7c81d936f44baa97c7c44a64d4e3fd
Content-Length
6
obVideo.js
libs.outbrain.com/video/obVideo/current/ 		113 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/obVideo/current/obVideo.js?e=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4cf07a6b71b845095930141f6797ba402ea64e2151c433ffeaedfba94823f5a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
gzip
last-modified
Mon, 14 Aug 2023 10:04:03 GMT
server
AkamaiNetStorage
etag
"480f938d472e8ce31b6d771f0aa4257e:1692011394.264555"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
32069
expires
Mon, 14 Aug 2023 16:49:57 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=fa426fc2742fc731a054c4bfc5e07357_770_1692017396169&tm=2560&eT=0&widgetWidth=728&widgetHeight=235&widgetX=271&widgetY=3895&wRV=2010414&pVis=0&lsd=3ebbb7b7-7e3b-46d4-93bf-dc08b9e67ea7&eIdx=&ccpa=1---&oo=false&lo=3105&obreq=2938&mvreq=4649&mvres=6138&re=6168&cet=4g&cs=5&to=1692017391278.3&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
92c74744d16a9af77152253772060dc2
Content-Length
6
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=564b76601911bc836bdd5bdb61159bbc_770_1692017396354&tm=2569&eT=0&widgetWidth=728&widgetHeight=597&widgetX=271&widgetY=4153&wRV=2010414&pVis=1&lsd=3ebbb7b7-7e3b-46d4-93bf-dc08b9e67ea7&eIdx=&ccpa=1---&oo=false&lo=3105&obreq=2938&mvreq=4649&mvres=6138&re=6177&cet=4g&cs=5&to=1692017391278.3&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
4775b5e2b62cae259d98679cae1eb24a
Content-Length
6
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=534d7485b49bfa12e3f6c12470ec9ad2_770_1692017396579&tm=2578&eT=0&widgetWidth=728&widgetHeight=235&widgetX=271&widgetY=4775&wRV=2010414&pVis=0&lsd=3ebbb7b7-7e3b-46d4-93bf-dc08b9e67ea7&eIdx=&ccpa=1---&oo=false&lo=3105&obreq=2938&mvreq=4649&mvres=6138&re=6186&cet=4g&cs=5&to=1692017391278.3&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
86405e9ef656f3dd74d78fa5b36768c9
Content-Length
6
clip.js
widgets.outbrain.com/nanoWidget/2010414/module/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010414/module/clip.js?e=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
267c61e8de2c28a2551dd5fa6ecdbc608d94b52d639c7fbb4b8ed6db91e311ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
gzip
content-length
710
last-modified
Mon, 14 Aug 2023 08:42:45 GMT
server
AkamaiNetStorage
etag
"36ee5488057953b454a2a23a6fae266b:1692003903.79325"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 21 Aug 2023 12:49:57 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=02385d1705d11019b34b9737843fc760_770_1692017396761&tm=2587&eT=0&widgetWidth=728&widgetHeight=253&widgetX=271&widgetY=5033&wRV=2010414&pVis=1&lsd=3ebbb7b7-7e3b-46d4-93bf-dc08b9e67ea7&eIdx=&ccpa=1---&oo=false&lo=3105&obreq=2938&mvreq=4649&mvres=6138&re=6194&cet=4g&cs=5&to=1692017391278.3&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
972b02b86b312b815db801547e04d532
Content-Length
6
/
eventlog.outbrain.com/logger/v1/widget/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://eventlog.outbrain.com/logger/v1/widget/
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary4AquBEQcY31KcG99

Response headers
get
mv.outbrain.com/Multivac/api/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&idx=2&rand=47874&widgetJSId=AR_12&va=true&et=true&format=html&lsd=3ebbb7b7-7e3b-46d4-93bf-dc08b9e67ea7&lsdt=1692017397393&t=ZjViYTljZDZmZDYxNDE3ZDFjYmZkZDc3YzMwYmViNzk=&px=629&py=6503&vpd=5303&pubInState=0&cw=341&seid=0516ccbb-2895-e51b-0000-0189f41886c6%7C575%7C1&settings=true&recs=true&key=NANOWDGT01&adblck=false&abwl=false&ab=0&wl=0&umv=1&wdr-cosc=1&activeTab=true&version=2010414&sig=NCKxbSGa&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&chs=1&ogn=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7ae58427fe287ffa5c653ae12133e35316bfc41766fe255e80b7a19bc43d5591

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
br
via
1.1 varnish
traffic-path
NYDC1, IAD, USA_EAST1
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
b0dac67a3fda8328c4459411ae557e83
content-length
7616
x-served-by
cache-iad-kiad7000168-IAD
pragma
no-cache
x-timer
S1692017398.524089,VS0,VE84
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
Close.svg
widgets.outbrain.com/images/widgetIcons/ 		765 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/Close.svg
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c2c92cde33538b1187bedea3d0b6d5141e4222eba8092476339aa080cee759ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 13 Sep 2023 12:49:57 GMT
date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"f740f788e2e26736856f7a3a12457a63:1673369390.457553"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
765
access-control-request-headers
X-OB-STG,X-OB-PRD
eyJpdSI6IjkyNTUwOTVhYzI0MWEyZjJhZTU1MTk4YTViNmVjOWYwNjg3NzI2ODA0ZDA0NDNkZjA3NWQyODA1ZWU2ZWNhODAiLCJ3IjozNSwiaCI6MzUsImQiOjIuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkyNTUwOTVhYzI0MWEyZjJhZTU1MTk4YTViNmVjOWYwNjg3NzI2ODA0ZDA0NDNkZjA3NWQyODA1ZWU2ZWNhODAiLCJ3IjozNSwiaCI6MzUsImQiOjIuMCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ed0664d2bf8eaf59fbc7d7975664fa9b3739bb2ba769d4f6dfbf6ff942cb78b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Thu, 18 May 2023 02:54:24 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2189970
access-control-allow-credentials
false
x-traceid
4abfb33234f0dd2f5620c5a3abe37086
timing-allow-origin
*, *
content-length
1440
eyJpdSI6IjU2NTcyNDgxOTU5MDE4ODgxZjUzODZlNWFhN2JhZDlmNTE3NmExYTU3YzRjYTY1YjMxMWE2OWZlMGVjYzA2YjQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		271 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU2NTcyNDgxOTU5MDE4ODgxZjUzODZlNWFhN2JhZDlmNTE3NmExYTU3YzRjYTY1YjMxMWE2OWZlMGVjYzA2YjQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Wed, 01 Feb 2023 13:17:46 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=816116
access-control-allow-credentials
false
x-traceid
d776b9215f6972b1ef49eab86f9bec5b
timing-allow-origin
*, *
content-length
277200
eyJpdSI6ImJmM2NjODc5MWRlNDg2OGZlZDNkMTI1ZjI4MTAxN2I1ZjFhYjJhNTgzOWQ5NWQyM2RlNjA2YmE2OWY5MjdiYTQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjaCI6MTk2MTkwMDg3MCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImJmM2NjODc5MWRlNDg2OGZlZDNkMTI1ZjI4MTAxN2I1ZjFhYjJhNTgzOWQ5NWQyM2RlNjA2YmE2OWY5MjdiYTQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjaCI6MTk2MTkwMDg3MCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6478604e340b76a95c9cd64afbb9bf2e19dc7e371d442b095495e861ba3d66e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Thu, 10 Aug 2023 21:43:56 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2194438
access-control-allow-credentials
false
x-traceid
b4dfb47abf6a87bbcf153f32c40ea317
timing-allow-origin
*, *
content-length
25876
eyJpdSI6IjFjOTlkNjFiOTU3NDA3MDVkYmM5YWRhNWI3NTYxOWYwMDNhYzc3N2QyNjkzMThkY2ExM2E2NWU1NGJhOWFjY2MiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFjOTlkNjFiOTU3NDA3MDVkYmM5YWRhNWI3NTYxOWYwMDNhYzc3N2QyNjkzMThkY2ExM2E2NWU1NGJhOWFjY2MiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
600177d7eaa658bd5508d5bb19a4a669454cd3280b39319ee32f893915c48db4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Thu, 01 Jun 2023 02:54:49 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1029464
access-control-allow-credentials
false
x-traceid
ee0eda6e7a207f3878461b40e84cf6cf
timing-allow-origin
*, *
content-length
7196
eyJpdSI6IjdiY2E3YmI5MGNjMjI2MTU1MDZhYzZlNzk0MTI5YmY0OWMwYTliMTU4ZTkzMjYwOTY2NzExODE3ZjY5MTU4YjEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjdiY2E3YmI5MGNjMjI2MTU1MDZhYzZlNzk0MTI5YmY0OWMwYTliMTU4ZTkzMjYwOTY2NzExODE3ZjY5MTU4YjEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NH0.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b96bb266dc1e41e713ce7861924fd5855bf1039b5d4fbb806c4841281fe5f48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Mon, 21 Nov 2022 12:48:18 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=384514
access-control-allow-credentials
false
x-traceid
5e0e9f220859a48d97bf86b2471bf385
timing-allow-origin
*, *
content-length
12070
eyJpdSI6IjBiMzc1OTJlMjlmN2FjMDU2MjU1MDk5OGUwNzA2NGJkZGVjZjQyN2U0ZTE4ZDE5ODdlYWNiOWE1NTM4MTRmYmYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBiMzc1OTJlMjlmN2FjMDU2MjU1MDk5OGUwNzA2NGJkZGVjZjQyN2U0ZTE4ZDE5ODdlYWNiOWE1NTM4MTRmYmYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
754c6880f51894787d9f03b28ad0e3d4859636129eeeb0a4600de7d10ba9163b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Sat, 12 Aug 2023 10:50:13 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2282573
access-control-allow-credentials
false
x-traceid
f53c11edd4c2863f67d27a5f9065fca6
timing-allow-origin
*, *
content-length
9652
eyJpdSI6IjM3NTlmYzFkM2E0Y2FiMzc4YmY1NjVjOGMzOTg4Njg0ZmE1Y2U2NjBkYjg0ODRhMWExY2JkOTc2NmFmMmIzNGYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM3NTlmYzFkM2E0Y2FiMzc4YmY1NjVjOGMzOTg4Njg0ZmE1Y2U2NjBkYjg0ODRhMWExY2JkOTc2NmFmMmIzNGYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d131ac66c0b87aa62e440fe629175fc1ef348510e71a6c605242ad5e680575c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Sat, 12 Aug 2023 23:30:58 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2328197
access-control-allow-credentials
false
x-traceid
b36f5e17e22d284043f687802a691c2f
timing-allow-origin
*, *
content-length
6646
eyJpdSI6IjhhMzNiOGE5YmM3M2FhMmY5NmNkMDE1MGExNmI2Mzg1M2FjMTc2NGZiZTcxZDc2MDhkYzlkODcwOTk2MGZhZDYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhhMzNiOGE5YmM3M2FhMmY5NmNkMDE1MGExNmI2Mzg1M2FjMTc2NGZiZTcxZDc2MDhkYzlkODcwOTk2MGZhZDYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
410ee3648b58b7a432cb01c9161a1c319904ec783b0245de71fc1c323e2cb9db

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Sat, 12 Aug 2023 15:58:54 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2300924
access-control-allow-credentials
false
x-traceid
022c23d511856156781881c08a58b039
timing-allow-origin
*, *
content-length
21188
eyJpdSI6IjA5YmI4ZmIxMDkyZWUxZmZhZmM1MDljNzk5ODhjMjcyMGRiZDRiZTk0MzZkMTU3ODI2YjU2MTc5MmIxNTMyZjYiLCJ3Ijo4MDAsImgiOjUzMiwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjA5YmI4ZmIxMDkyZWUxZmZhZmM1MDljNzk5ODhjMjcyMGRiZDRiZTk0MzZkMTU3ODI2YjU2MTc5MmIxNTMyZjYiLCJ3Ijo4MDAsImgiOjUzMiwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
47eeae039c79c7913003cc6d774b9edfe85d1f84923bc696561786ed3f0ed6e2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Thu, 10 Aug 2023 15:03:02 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2371373
access-control-allow-credentials
false
x-traceid
bf4bd882e8158b22bca8b26ff03ff02b
timing-allow-origin
*, *
content-length
28464
BTj1ruSS-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/tQdfH2Bm/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/BTj1ruSS-120.jpg
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/BTj1ruSS-120.jpg
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe4088fc7c2233f28df86d3acc33ba5d447c9086bb39848bdf3fb4656077cf9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
672
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
7858
x-served-by
cache-iad-kjyo7100170-IAD, cache-mia-kmia1760020-MIA
last-modified
Fri, 04 Aug 2023 18:27:01 GMT
server
nginx
x-timer
S1692017398.920258,VS0,VE0
etag
"52790bd322ef692aef3301351e39ac17"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
53500, 5

Redirect headers

date
Mon, 14 Aug 2023 12:48:02 GMT
via
1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-C1
age
115
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/BTj1ruSS-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
zszbma6goZ22w1o23PoK6g5rEsNWw3UzuAiuLtu8klpmjhrp8E7ZKA==
p.css
p.typekit.net/ Frame C321 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=uel0ekt&ht=tk&f=139.140.175.176.10879.10881.10887.10888.39498.39500&a=738589&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uel0ekt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://use.typekit.net/uel0ekt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Fri, 14 Jul 2023 12:43:54 GMT
server
nginx
etag
"64b1430a-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 14 Aug 2023 12:49:57 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 b5fe18267507cb61755963d8928a60f4.cloudfront.net (CloudFront)
x-amz-cf-id
4W7y2Vi-OPH3HQ2n4qCVsr5nxpdX0lPOD_rZ6GuQnR77-2q13ds1aA==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/ 		29 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/v2
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.3.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
1125b86e58a329b006c7ac61ebdaecb194fd151d3e07131bedc460c2d9b54dda
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-guid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
x-post-id
26570027
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
9221dbf5-e9ec-44c1-b0d4-bb1aa758a98a
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
x-access-token
null

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-request-id
12fb046e-3aa1-11ee-abee-a271ccb7adc6
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-amz-cf-id
PBVmvxzIme4yDGM-9NSApVDwfyzPBzI9UU_8xLeQfq66cztgr3PtBw==
usync.js
eus.rubiconproject.com/ Frame 2EA6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79174ee77b6396cce4fcb7cb25caa2eef27936e6d5dc920a88ea4dfe47e179cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Aug 2023 09:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75190
Connection
keep-alive
Content-Length
10116
Expires
Tue, 15 Aug 2023 09:43:07 GMT
user-sync
ms-cookie-sync.presage.io/ Frame 923A 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?equativ_id=8978801468337922557&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=false&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-57.ewr50.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:57 GMT
Via
1.1 64142199656297b56ef863f9ccc0c102.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR50-C1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
PnGwRRm0pRPnZDObnA9bpDvmf4-j_TtqKjYjTFR7oQ1GlKw8IRi_WA==
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 923A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=7015751175867750616&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=7015751175867750616&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=false&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.105.12.137 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=7015751175867750616&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 923A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7267159384384272534&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7267159384384272534&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=false&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.105.12.137 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7267159384384272534&gdpr=0&gdpr_consent=
Date
Mon, 14 Aug 2023 12:49:58 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
155.gif
id5-sync.com/k/ Frame 923A
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-632bhOSjupo1vdRoNINUp-sxGbreZvcK_wvnbh0_cg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/8/2.gif?puid=8978801468337922557&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
  • https://id5-sync.com/k/155.gif?puid=AACrE07JtEYAACl9xk287Q&id5AccountNum=155&numCascadesAllowed=9
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/155.gif?puid=AACrE07JtEYAACl9xk287Q&id5AccountNum=155&numCascadesAllowed=9
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=false&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:01 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/155.gif?puid=AACrE07JtEYAACl9xk287Q&id5AccountNum=155&numCascadesAllowed=9
Date
Mon, 14 Aug 2023 12:50:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 923A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=false&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.105.12.137 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
299
eyJpdSI6IjU2NTcyNDgxOTU5MDE4ODgxZjUzODZlNWFhN2JhZDlmNTE3NmExYTU3YzRjYTY1YjMxMWE2OWZlMGVjYzA2YjQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		271 KB
271 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU2NTcyNDgxOTU5MDE4ODgxZjUzODZlNWFhN2JhZDlmNTE3NmExYTU3YzRjYTY1YjMxMWE2OWZlMGVjYzA2YjQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.37.207 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-37-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
68151335dd5944307d4c935ea1f7ad791c82aedd9f49434cf96323a9cdc6a8a4

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
last-modified
Wed, 01 Feb 2023 13:17:46 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-277199/277200
cache-control
max-age=816116
access-control-allow-credentials
false
x-traceid
d776b9215f6972b1ef49eab86f9bec5b
timing-allow-origin
*, *
Content-Length
277200
usync.js
eus.rubiconproject.com/ Frame C1C0 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79174ee77b6396cce4fcb7cb25caa2eef27936e6d5dc920a88ea4dfe47e179cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Aug 2023 09:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75190
Connection
keep-alive
Content-Length
10116
Expires
Tue, 15 Aug 2023 09:43:07 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		152 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4141958597509330&correlator=1507824542954215&hxva=1&scor=3311754612847666&eid=31072020%2C31076474%2C31076923%2C31076971&output=ldjh&gdfp_req=1&vrg=202308090102&ptt=17&impl=fifs&us_privacy=1---&iu_parts=5850%2Cpost.desktop%2Crec_atf%2Cnews%2Cstories%2Cbillb_atf%2Crec_btf%2Crec_widget%2Ccustom%2Cskin%2Cinline%2Coverlay_fullpage%2Cnative&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F5%2F3%2F4%2C%2F0%2F1%2F6%2F3%2F4%2C%2F0%2F1%2F7%2F3%2F4%2C%2F0%2F1%2F8%2F3%2F4%2C%2F0%2F1%2F9%2F3%2F4%2C%2F0%2F1%2F10%2F3%2F4%2C%2F0%2F1%2F11%2F3%2F4%2C%2F0%2F1%2F12%2F3%2F4&prev_iu_szs=300x250%7C300x251%7C1x1%7C300x600%2C970x90%7C970x250%7C978x250%7C1x1%7C1x11%2C300x250%7C300x252%7C300x600%7C1x1%2C300x255%7C300x250%7C300x600%7C1x1%2C1x12%2C1x2%7C1x1%2C1x7%7C1x1%2C1x4%7C1x1%2C320x50%7C1x6%7C1x1&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight&ifi=1&didk=3171899918~285960245~3171905950~3543286650~119205592~907871424~2265005873~2949661673~934004422&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692017397800&lmt=1692053397&adxs=1032%2C315%2C1032%2C1032%2C0%2C0%2C0%2C0%2C1032&adys=1704%2C237%2C4180%2C3012%2C7326%2C543%2C543%2C543%2C2107&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C3%7C4%7C0%7C0%7C0%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&frm=20&vis=1&psz=300x600%7C970x256%7C300x600%7C300x600%7C1600x0%7C1600x0%7C1600x7326%7C1600x4%7C300x0&msz=300x250%7C970x0%7C300x250%7C300x250%7C1600x0%7C1600x0%7C0x0%7C1600x0%7C300x0&fws=516%2C516%2C516%2C516%2C4%2C4%2C132%2C4%2C4&ohw=300%2C970%2C300%2C300%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1624615099.1692017395&ga_sid=1692017398&ga_hid=1381752064&ga_fc=true&dlt=1692017391878&idt=3587&ppid=64da22f22e0b1160c331cf0964da22f22e0b1160c331cf09&prev_scp=amznbid%3D2%26amznp%3D2%26hb_domain%3Dnypost.com%26hb_auction_id%3D9f29a693-8066-49c2-8257-d87e5ecc29e3%26hb_adomain%3Dnobid.io%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D81ff05b37356b86%26hb_bidder%3Dduration%26mnadc%3Ddiv-gpt-ad-rec_atf%7Camznbid%3D2%26amznp%3D2%26mnadc%3Ddiv-gpt-ad-billb_atf%7Camznbid%3D2%26amznp%3D2%26hb_domain%3Dnypost.com%26hb_auction_id%3D9f29a693-8066-49c2-8257-d87e5ecc29e3%26hb_adomain%3Dnobid.io%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D8228c7d50948e4%26hb_bidder%3Dduration%26mnadc%3Ddiv-gpt-ad-rec_btf%7Camznbid%3D2%26amznp%3D2%26hb_domain%3Dnypost.com%26hb_auction_id%3D9f29a693-8066-49c2-8257-d87e5ecc29e3%26hb_adomain%3Dnobid.io%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D8371567d4d28e1b%26hb_bidder%3Dduration%26mnadc%3Ddiv-gpt-ad-rec_widget%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&cust_params=testgroup%3D85%26permutive%3D%26puid%3D7e514abc-0a31-4f03-90ca-baace86c2b2a%26ptime%3D1692017395480%26authors%3DFox%2520Business%26page_type%3Darticle%26content%3Dfacebook%252Conlyfans%252Cpinterest%252Csecret-service%252Ctwitch%252Ctwitter%26site%3Dnypost%26dimension54%3Dtrue%26video%3Dnone%26nckey_userGroup%3D2%26hb_test%3Dv3&adks=2562591345%2C4085704678%2C366994245%2C2132126583%2C1063611875%2C733401058%2C2584993449%2C2299403791%2C3896335650
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756ba962a88d78b29fe823e9b1ae3e1db64b3e777fb170d9a438588df4ddcad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37117
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-2,-2,6322078046,-2,5402416556
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-2,-2,138360848979,-2,138244049805
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 779A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:49:58 GMT
expires
Tue, 13 Aug 2024 12:49:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sp_Sx8YukwE
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Mon, 14 Aug 2023 12:49:57 GMT
server
fasthttp
via
1.1 b5fe18267507cb61755963d8928a60f4.cloudfront.net (CloudFront)
x-amz-cf-id
dw-5qD54gB70iV7Q8hUf1zdmMYMmN4X7IBDLc2oMm2m0YXMTLvL1sw==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
authenticate
api-2-0.spot.im/v1.0.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-post-id,x-spot-id,x-spotim-device-uuid
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 14 Aug 2023 12:49:58 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 b5fe18267507cb61755963d8928a60f4.cloudfront.net (CloudFront)
x-amz-cf-id
8u2Q56RMi90v-P95YsGq5KHEA_b9-u3s7GeFA4G2HZe9bhAlY8tl8g==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
sp_Sx8YukwE
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ 		25 B
771 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_Sx8YukwE
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/480-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26

Request headers

Accept
application/json
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
x-spotim-page-view-id
9221dbf5-e9ec-44c1-b0d4-bb1aa758a98a
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Aug 2023 12:42:10 GMT
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
468
x-cache
Hit from cloudfront
content-length
25
x-request-id
fc39258f-3a9f-11ee-9337-4e2824fe9d9f
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
500Td5wS4BLY1oDHfkftLouxlM-D2agWAmWnH7YYsaGzB42fBg4-Mw==
authenticate
api-2-0.spot.im/v1.0.0/ 		359 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/shell-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
076d349ea3c64dc8c267d658e135d4c55ee39db70c2076f2650c26fd9620e3bc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spot-id
sp_Sx8YukwE
x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
x-post-id
26570027
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
via
1.1 b5fe18267507cb61755963d8928a60f4.cloudfront.net (CloudFront)
x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
content-length
359
x-spotim-token
012308145dJX00.0aab40957033845734decc2fe913ee824d6efb0df56e52934143e50833f62c26
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfa2JHakNidEdISXNjIiwiZGlzcGxheV9uYW1lIjoiUmVkQ29ja3RhaWwiLCJ1c2VyX25hbWUiOiJSZWRDb2NrdGFpbCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNSZWQtQ29ja3RhaWwiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjkyMDE3Mzk4LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwODE0NWRKWDAwLjBhYWI0MDk1NzAzMzg0NTczNGRlY2MyZmU5MTNlZTgyNGQ2ZWZiMGRmNTZlNTI5MzQxNDNlNTA4MzNmNjJjMjYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOEp3V2NuYjFyWTg2QnFQSjlZdFQiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzIwNDM5Mzk4LCJzdWIiOiJ1X2tiR2pDYnRHSElzYyJ9.5Jcs78xQbo06Bo6LVlcfOO9evTO49Bfow2cswiwWfcQ
x-request-id
132cc70a-3aa1-11ee-bcc6-5e3418901ba1
x-guid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
server
fasthttp
x-spotim-device-v2
d_8JwWcnb1rY86BqPJ9YtT
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
DxiBLdaWTcEH7wj548cn0-dU_zs2X4xZv2Psje_g0gJbWi-7KXwYRA==
l
use.typekit.net/af/d45b9a/000000000000000077359577/30/ Frame C321 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/d45b9a/000000000000000077359577/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uel0ekt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ccaac2a8b85879c92bbd73e67512e8e8ab0e719ad0163193081ea6abb20031cc

Request headers

Referer
https://use.typekit.net/uel0ekt.css
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
server
nginx
etag
"f806d2fcac6bea1cced8320378bba8659e3a95e8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33364
l
use.typekit.net/af/384d9b/00000000000000007735bb6a/30/ Frame C321 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/384d9b/00000000000000007735bb6a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uel0ekt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1047020444e0f9d5830f2d569440909a6aaf61ef5b6db572bc3b9987f4b4f741

Request headers

Referer
https://use.typekit.net/uel0ekt.css
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
server
nginx
etag
"23427917d6d72688888854d7151dc7962d8d8301"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25828
ads
securepubads.g.doubleclick.net/gampad/ Frame 0C37 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=4122438942038734&sz=400x300&url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&iu=%2F5850%2Fpost.videoplayer%2Fjw&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26mnadc%3D%2F5850%2Fpost.videoplayer%2Fjw%26testgroup%3D85%26permutive%3D%26puid%3D7e514abc-0a31-4f03-90ca-baace86c2b2a%26ptime%3D1692017395480%26authors%3DFox%20Business%26page_type%3Darticle%26content%3Dfacebook%2Conlyfans%2Cpinterest%2Csecret-service%2Ctwitch%2Ctwitter%26site%3Dnypost%26dimension54%3Dtrue%26video%3Dnone%26nckey_userGroup%3D2&description_url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&us_privacy=1---&vid_t=Today%27s%20Video%20Headlines%3A%208%2F13%2F23&vpa=auto&vpmute=1&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=jwplayer&mpv=8.27.1&sdki=445&ptt=20&adk=2287925698&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=60E55A3F-12D3-4563-BD14-4E6603906C0F&a3p=EhsKDDMzYWNyb3NzLmNvbRivjuKgnzFIAFICCGQSGQoKdWlkYXBpLmNvbRipjuKgnzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKuO4qCfMUgAUgIIZBIcCg1jcndkY250cmwubmV0GKyO4qCfMUgAUgIIZBI7CgpwdWJjaWQub3JnEiRlMjdmODU2Yi1iMzk2LTRjODItOThmMS1kMDU3MzQ3N2U3MjAYrJPioJ8xSAASFwoIcnRiaG91c2UYrY7ioJ8xSABSAghkEhQKBW9wZW54GLCO4qCfMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRivjuKgnzFIAFICCGQ.&nel=0&eid=44750824%2C44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&loc=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&dlt=1692017391878&idt=4422&dt=1692017397991&cookie_enabled=1&scor=153294623428138&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame E59F 		610 B
937 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
610
content-type
text/html
date
Mon, 14 Aug 2023 12:49:58 GMT
etag
"48053d50141031b1511dbd30f9a31288:1692004926.168723"
expires
Mon, 21 Aug 2023 12:49:58 GMT
last-modified
Mon, 14 Aug 2023 08:42:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 15 Aug 2023 12:49:58 GMT
ping.gif
ping-meta-prd.jwpltx.com/v1/jwplayer6/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping-meta-prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-55262567&e=xapi&n=3842656069564723&aid=wExvYnLyEeyygEIIgluVXw&emi=1bm2gucf42io&id=ScrNykYo&pli=11ybb8kg0o77&pv=8.27.1&tv=3.43.0&ed=6&prs=ad-break&pid=SPdDOYds&ph=1&sdk=0&xam=getConfig&sa=1692017398050
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760020-MIA
date
Mon, 14 Aug 2023 12:49:58 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
918-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/918-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aed2024c0b547dfcf4693718aa6b73058c09bbc2ffb4608033cb1c5cffd2ac19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 09:15:25 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
qx_LTmyu_AMNIrU4JJdzVyILmCLjaroB
x-amz-cf-pop
JFK52-P1
age
1913674
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
34868
last-modified
Wed, 19 Jul 2023 12:42:55 GMT
server
AmazonS3
etag
"5c219744e2d287fb0baa92c1288d9cb9"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
tBInDNPbHMDS623nrAV2WJvN4L9GmzwwiM75VDbBTSN_KDLaYKS6YA==
with-all-vendors-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/ 		393 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/with-all-vendors-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fe77c30581bd46d966e9210fad4688336fa49fe7bf366bbbfef8eecea39cd4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 09:15:25 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
v3oiuHnhJP0G_OW3amF8gsk6P8rdLGHZ
x-amz-cf-pop
JFK52-P1
age
1913674
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
216
last-modified
Wed, 19 Jul 2023 12:42:55 GMT
server
AmazonS3
etag
"dfb281e5bbe2546f2fce2a228160c5d1"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
AfzKwiMZiFX4P6XtoAlMUq5y6OTFqi8O1g6Z83ISXT3EAjnxf8Qa4w==
ecm3
s.amazon-adsystem.com/ Frame 7D8D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LLAVGYIH-G-GET7
  • https://s.amazon-adsystem.com/ecm3?id=LLAVGYIH-G-GET7&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LLAVGYIH-G-GET7&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XJC3RH2TVCZKGY51YVQ2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LLAVGYIH-G-GET7&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Expires
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 37FF 		0
0
ecm3
s.amazon-adsystem.com/ Frame 23F7 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:49:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
7HFJHB5Q6ZNJWE9WY0N8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 01F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aFMaeMgSRM-ixhxhGkdhEQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34068
accept-ranges
bytes
content-length
5606
expires
Mon, 14 Aug 2023 22:17:46 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 01F1
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=68531A78-C812-44CF-A2C6-1C611A476111
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=68531A78-C812-44CF-A2C6-1C611A476111
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=729e4ab9-4626-4c72-9437-f28f3a88b1bb%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttd_puid=729e4ab9-4626-4c72-9437-f28f3a88b1bb%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttd_puid=729e4ab9-4626-4c72-9437-f28f3a88b1bb%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttd_puid=729e4ab9-4626-4c72-9437-f28f3a88b1bb%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 01F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2068531A78-C812-44CF-A2C6-1C611A476111&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 01F1 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=68531A78-C812-44CF-A2C6-1C611A476111&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:49:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cookie-sync
sync.outbrain.com/ Frame 01F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njg1MzFBNzgtQzgxMi00NENGLUEyQzYtMUM2MTFBNDc2MTEx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tB...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=68531A78-C812-44CF-A2C6...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:00 GMT
Cache-Control
no-cache
X-TraceId
ff330188ccf74ff5e173f07bd6506ba8
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=68531A78-C812-44CF-A2C6-1C611A476111
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookie-sync
sync.outbrain.com/ Frame 01F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPTX_oTCFaZXlMlwPLXMozU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tB...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=68531A78-C812-44CF-A2C6...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:00 GMT
Cache-Control
no-cache
X-TraceId
4e70cd8a749ec7e6662e5652a5bc78d4
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=68531A78-C812-44CF-A2C6-1C611A476111
date
Mon, 14 Aug 2023 08:35:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookie-sync
sync.outbrain.com/ Frame 01F1
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4F94844F4CC4401AB7330777BA793A74
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tB...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=68531A78-C812-44CF-A2C6...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:00 GMT
Cache-Control
no-cache
X-TraceId
05163601936770ace61c84cec4aee640
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=68531A78-C812-44CF-A2C6-1C611A476111
date
Mon, 14 Aug 2023 08:35:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
image4.pubmatic.com/AdServer/ Frame 01F1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=68531A78-C812-44CF-A2C6-1C611A476111&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MIdz6AlE2uW5wJEvipv9u_hOZ5ymadk-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MIdz6AlE2uW5wJEvipv9u_hOZ5ymadk-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 08:35:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MIdz6AlE2uW5wJEvipv9u_hOZ5ymadk-~A&gdpr=0
date
Mon, 14 Aug 2023 12:49:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
SPug
image4.pubmatic.com/AdServer/ Frame 01F1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4086215225291572915&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=68531A78-C812-44CF-A2C6-1C611A476111&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MIdz6AlE2uW5wJEvipv9u_hOZ5ymadk-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MIdz6AlE2uW5wJEvipv9u_hOZ5ymadk-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MIdz6AlE2uW5wJEvipv9u_hOZ5ymadk-~A&gdpr=0
date
Mon, 14 Aug 2023 12:49:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
notifications-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.21.1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.21.1/notifications-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65b436ff1b96d1a83cbb0bf650370ff365aa4519b9076b08cf47fe1a30c50ba6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
S7K4R9QLnrEqPa.v8HtBBchn7xNm2lAB
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 08:15:09 GMT
last-modified
Wed, 19 Jul 2023 05:10:34 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
16520
x-amz-server-side-encryption
AES256
etag
W/"bd9f545be079b4be6c36660fbd4c1508"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
fi12g38ssnrPdXYNbJ91H2FNOM_IpWE7VheFUaVsUo1Z-iA-EpGExA==
rid
match.adsrvr.org/track/ 		108 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=c2ldiee&fmt=json
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
7906666c4bf0224aac51903ab6752c07179e5ac9b93d811ed6ed30689eeb0ef1

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 13 Sep 2023 12:49:58 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3729 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.182 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-182.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 14 Aug 2023 12:49:58 GMT
ETag
"623de86a-cf34"
Expires
Tue, 15 Aug 2023 12:50:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
load-cookie.html
elb.the-ozone-project.com/static/ Frame E226 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=e27f856b-b396-4c82-98f1-d0573477e720&publisherId=OZONENYP0001&siteId=1500000033&cb=1692017396666&bidder=ozone
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba42a9cd56b1f918a292886d48247f16072ae1efc2ca788a9091288d060c32fd

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f695223af4a8daf-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:49:58 GMT
expires
0
last-modified
Thu, 10 Aug 2023 11:04:33 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
sync
eb2.3lift.com/ Frame EA62 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
f326891bae89353b82409bdcc78870a18105d6894a6a45213377849fe799cb06

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1216
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:49:58 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 65B4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:49:58 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame AC00 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
f326891bae89353b82409bdcc78870a18105d6894a6a45213377849fe799cb06

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1216
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:49:58 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync.html
public.servenobid.com/ Frame 97AD 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html?usp_consent=1---
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-122.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
15697
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 14 Aug 2023 08:28:22 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 86a640712a72b4264f1681744fa48612.cloudfront.net (CloudFront)
x-amz-cf-id
QStCHzSP0WMKpdZJom8ZrAmDqafqfK9KwW5UpozgOudvaYjLbPHsvg==
x-amz-cf-pop
JFK50-P6
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 732C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
431
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7f6952247dcd67c8-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 12:49:58 GMT
expires
Mon, 14 Aug 2023 16:49:58 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E96A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.182 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-182.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 14 Aug 2023 12:49:58 GMT
ETag
"623de86a-cf34"
Expires
Tue, 15 Aug 2023 12:50:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 3D21 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
431
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7f6952247dce67c8-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 12:49:58 GMT
expires
Mon, 14 Aug 2023 16:49:58 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame B810 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c89f3b1c6ad8974cf26df010fa1ccf7b475651adfe487f88f29da516acb6ee8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11964
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 12:49:58 GMT
expires
Wed, 16 Aug 2023 12:49:58 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
  • https://stags.bluekai.com/site/92145?id=2ec00d2e-f53c-465e-92d3-2beaa816ca85&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D452%26ssp%3Dthemediagrid%26user_id%3D&limit=1
  • https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
cache-control
max-age=0, no-cache, no-store
content-length
0
bk-server
22bc
expires
Thu, 01 Dec 1994 16:00:00 GMT
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=885e676c-3a70-45fe-acfc-e7ad294a43e8
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=PvBJHFtJ&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=885e676c-3a70-45fe-acfc-e7ad294a43e8
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=885e676c-3a70-45fe-acfc-e7ad294a43e8
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=885e676c-3a70-45fe-acfc-e7ad294a43e8
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
3.220.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
beacon-n017-ash-prod.krxd.net
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
private, no-cache, no-store
x-request-time
D=44 t=1692017399
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=885e676c-3a70-45fe-acfc-e7ad294a43e8
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
227
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7D8D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
06140RQ7CG0FPREA29XW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7D8D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExBVkdZSUgtRy1HRVQ3
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFITNWv_XUvtPo7u4myPv7I&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExBVkdZSUgtRy1HRVQ3&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExBVkdZSUgtRy1HRVQ3&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExBVkdZSUgtRy1HRVQ3&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7D8D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjMzMWRjYjAxMjIxZjFhNmEzMzA0YzdkMzdmZDdlMDczOTZmNzMzMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjMzMWRjYjAxMjIxZjFhNmEzMzA0YzdkMzdmZDdlMDczOTZmNzMzMA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjMzMWRjYjAxMjIxZjFhNmEzMzA0YzdkMzdmZDdlMDczOTZmNzMzMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 7D8D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLAVGYIH-G-GET7
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLAVGYIH-G-GET7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 68B85A53C1C0458EBE76E31F8AE9EAD7 Ref B: MIA301000101051 Ref C: 2023-08-14T12:49:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYC4YABlKMjrjlpV497cA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLAVGYIH-G-GET7
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7D8D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=&expires=30
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=885e676c-3a70-45fe-acfc-e7ad294a43e8&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 7D8D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA1oAg1BQgKO2ccCOqdhq1s&google_cver=1
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA1oAg1BQgKO2ccCOqdhq1s&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA1oAg1BQgKO2ccCOqdhq1s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7D8D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/qBhDGrNtQliihnirOgLdmQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-gOQ83sxE2oI_nbgbh.qTwLCMt1qU.DvvlgFJzA--~A
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-gOQ83sxE2oI_nbgbh.qTwLCMt1qU.DvvlgFJzA--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 14 Aug 2023 12:49:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-gOQ83sxE2oI_nbgbh.qTwLCMt1qU.DvvlgFJzA--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 7D8D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HFIx2xs4SV-XS4J2pB0zhg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HFIx2xs4SV-XS4J2pB0zhg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HFIx2xs4SV-XS4J2pB0zhg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KB4PS8DQD8GNY04Z8HFF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HFIx2xs4SV-XS4J2pB0zhg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
usersync.gumgum.com/ Frame 2EA6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LLAVGYIH-G-GET7
  • https://usersync.gumgum.com/usersync?b=mag&i=LLAVGYIH-G-GET7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LLAVGYIH-G-GET7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LLAVGYIH-G-GET7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
user-sync
ms-cookie-sync.presage.io/ Frame C1C0
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=ogury&gdpr_consent=undefined&gdpr_consent=undefined&khaos=LLAVGYIH-G-GET7
  • https://ms-cookie-sync.presage.io/user-sync?magnite_id=LLAVGYIH-G-GET7&gdpr_consent=undefined
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?magnite_id=LLAVGYIH-G-GET7&gdpr_consent=undefined
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
13.225.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-57.ewr50.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:58 GMT
Via
1.1 64142199656297b56ef863f9ccc0c102.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR50-C1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
KBLyS6RryUMfmrE4EMzgcVk007nUmXQ9_gZT7LSVx-vl9V7Jko4Ahw==
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ms-cookie-sync.presage.io/user-sync?magnite_id=LLAVGYIH-G-GET7&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Expires
0
obtp.js
amplify.outbrain.com/cp/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/external/publishers/common/obPvTracker.js?advId=00c0feecc40196b47a738de28ad44794ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
009194e0ef2b6a718d82152d400833d2f9d7e06c6aaf958044338cfa12b69a7e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
gzip
last-modified
Thu, 03 Aug 2023 10:44:12 GMT
server
AkamaiNetStorage
etag
"02857a2ca0299fdbe5e606c998ae8005:1691059657.343871"
vary
Accept-Encoding
content-type
application/x-javascript
x-rg
NA
cache-control
max-age=1200
x-cc
US
accept-ranges
bytes
content-length
7075
expires
Mon, 14 Aug 2023 13:09:58 GMT
icon-vi.svg
widgets.outbrain.com/images/widgetIcons/ 		229 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/icon-vi.svg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c1179965bbbc155a93a33852b756160ec48f09d26d41f96273d14f732fa74c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
gzip
content-length
182
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"91990280dce13a095a0da3a6b2fc6816:1673369403.63584"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Wed, 13 Sep 2023 12:49:58 GMT
ChevronRight.svg
widgets.outbrain.com/images/widgetIcons/ 		524 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ChevronRight.svg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f8d6148b07b2251c53a2605a003b1d29babb8154c5abd0bde0f7e8a800f2dfd9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 13 Sep 2023 12:49:58 GMT
date
Mon, 14 Aug 2023 12:49:58 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"c1dc41410784b37a37e29a21baf9aa1f:1673369389.756676"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
524
access-control-request-headers
X-OB-STG,X-OB-PRD
icon-x-white.svg
widgets.outbrain.com/images/widgetIcons/ 		559 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/icon-x-white.svg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
06ffd9e17bd41822b9a7b982a8ff486fafa54f7781baacb6ef3507ae7f9b36b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 13 Sep 2023 12:49:58 GMT
date
Mon, 14 Aug 2023 12:49:58 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"854eb39a3d94a8ec9977261db0c8acc8:1673369404.25082"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
559
access-control-request-headers
X-OB-STG,X-OB-PRD
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=a2abc716dd7f58cf5126c2225709ed44_770_1692017397590&tm=3511&eT=0&widgetWidth=341&widgetHeight=294&widgetX=629&widgetY=6469&wRV=2010414&pVis=0&lsd=3ebbb7b7-7e3b-46d4-93bf-dc08b9e67ea7&eIdx=&ccpa=1---&rtt=902&oo=false&lo=3105&obreq=2938&mvreq=6215&mvres=7116&cet=4g&to=1692017391278.3&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
4fde153a5fa961b190e8736782b81d8a
Content-Length
6
xuid
eb2.3lift.com/ Frame EA62
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=885e676c-3a70-45fe-acfc-e7ad294a43e8&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=885e676c-3a70-45fe-acfc-e7ad294a43e8&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:49:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=885e676c-3a70-45fe-acfc-e7ad294a43e8&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame EA62
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njg5NjYxMjQyNjcyMzUyOTk2MjE5
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame EA62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2b-56AHTyF6sIVidQEQ-c&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2b-56AHTyF6sIVidQEQ-c&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2b-56AHTyF6sIVidQEQ-c&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EA62
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njg5NjYxMjQyNjcyMzUyOTk2MjE5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njg5NjYxMjQyNjcyMzUyOTk2MjE5
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njg5NjYxMjQyNjcyMzUyOTk2MjE5
date
Mon, 14 Aug 2023 12:49:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame EA62 		0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=689661242672352996219&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 4BACB29FF2A640F9BE36DB7663CFC777 Ref B: MIA301000101051 Ref C: 2023-08-14T12:49:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYC4YAAeZYTcpaYKb2MXg==
xuid
eb2.3lift.com/ Frame EA62
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=689661242672352996219&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=15e7f8ff-07e6-4309-9696-695e3fbea310&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:50:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 14 Aug 2023 12:50:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame EA62
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/689661242672352996219?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-LteRAftE2oSRPlg7yzGwIcnkaHtyCNK2hGEe.AZczQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-LteRAftE2oSRPlg7yzGwIcnkaHtyCNK2hGEe.AZczQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 14 Aug 2023 12:49:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-LteRAftE2oSRPlg7yzGwIcnkaHtyCNK2hGEe.AZczQ--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame EA62 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=689661242672352996219&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
last-modified
Tue, 06 Jun 2023 17:31:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6CDF0B5EA5D1430DBA6174A77CA15E74 Ref B: MIAEDGE1311 Ref C: 2023-08-14T12:49:58Z
etag
"7cd81bb49c98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame EA62
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
  • https://eb2.3lift.com/xuid?mid=2711&xuid=43438add-310c-42c6-a606-253d769a587a&dongle=013b
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=43438add-310c-42c6-a606-253d769a587a&dongle=013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=43438add-310c-42c6-a606-253d769a587a&dongle=013b
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
958580
content-length
0
expires
Mon, 14 Aug 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame EA62
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6125384915149995829&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6125384915149995829&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
an-x-request-uuid
601a89bf-2817-4df7-937e-8805adfb55d1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=6125384915149995829&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ Frame E226 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=e27f856b-b396-4c82-98f1-d0573477e720&publisherId=OZONENYP0001&siteId=1500000033&cb=1692017396666&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://elb.the-ozone-project.com/
Origin
https://elb.the-ozone-project.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7f695225495f3341-MIA
xuid
eb2.3lift.com/ Frame AC00
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=885e676c-3a70-45fe-acfc-e7ad294a43e8&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=885e676c-3a70-45fe-acfc-e7ad294a43e8&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:49:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=885e676c-3a70-45fe-acfc-e7ad294a43e8&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame AC00
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njg5NjYxMjQyNjcyMzUyOTk2MjE5
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame AC00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2b-56AHTyF6sIVidQEQ-c&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2b-56AHTyF6sIVidQEQ-c&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2b-56AHTyF6sIVidQEQ-c&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AC00
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njg5NjYxMjQyNjcyMzUyOTk2MjE5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njg5NjYxMjQyNjcyMzUyOTk2MjE5
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njg5NjYxMjQyNjcyMzUyOTk2MjE5
date
Mon, 14 Aug 2023 12:49:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame AC00 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=689661242672352996219&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:57 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D6501356524C4360858BCBF84B14E067 Ref B: MIA301000101051 Ref C: 2023-08-14T12:49:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYC4YAAwliL7mrh3tna7Q==
xuid
eb2.3lift.com/ Frame AC00
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=689661242672352996219&gdpr=0&gdpr_consent=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=2ec00d2e-f53c-465e-92d3-2beaa816ca85
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=29c4531c-4349-4322-918b-c6939fbaab19&expires=10&ssp=triplelift&bsw_param=2ec00d2e-f53c-465e-92d3-2beaa816ca85
  • https://eb2.3lift.com/xuid?mid=2409&xuid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:50:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 14 Aug 2023 12:49:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame AC00
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/689661242672352996219?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-LteRAftE2oSRPlg7yzGwIcnkaHtyCNK2hGEe.AZczQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-LteRAftE2oSRPlg7yzGwIcnkaHtyCNK2hGEe.AZczQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 14 Aug 2023 12:49:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-LteRAftE2oSRPlg7yzGwIcnkaHtyCNK2hGEe.AZczQ--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame AC00 		42 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=689661242672352996219&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
last-modified
Tue, 06 Jun 2023 17:31:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F0B1DF961573459CA7E4B0CD6A6E1892 Ref B: MIAEDGE1311 Ref C: 2023-08-14T12:49:58Z
etag
"7cd81bb49c98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame AC00
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
  • https://eb2.3lift.com/xuid?mid=2711&xuid=43438add-310c-42c6-a606-253d769a587a&dongle=013b
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=43438add-310c-42c6-a606-253d769a587a&dongle=013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=43438add-310c-42c6-a606-253d769a587a&dongle=013b
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1261834
content-length
0
expires
Mon, 14 Aug 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame AC00
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6125384915149995829&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6125384915149995829&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
an-x-request-uuid
2e126422-6b3d-4a91-a72b-7c770b719c33
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=6125384915149995829&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
668.2659dea3bd457c636f0f.js
libs.outbrain.com/video/obVideo/current/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/obVideo/current/668.2659dea3bd457c636f0f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d07480f1ea096e7c2ed85faa8ce7e5348ad4e7d67d888d5beff1ee907b703148

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
gzip
last-modified
Mon, 14 Aug 2023 10:04:03 GMT
server
AkamaiNetStorage
etag
"e973ebbd2e941afee470167ffd450efc:1692011391.708333"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
3911
expires
Mon, 14 Aug 2023 16:49:58 GMT
334.a3c9a85416c1e33ccff9.js
libs.outbrain.com/video/obVideo/current/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/obVideo/current/334.a3c9a85416c1e33ccff9.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bf339547b4ae515c03b4508c2587ce5efd13b9381f883ec0cd5ccb6f4438c7b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
gzip
last-modified
Mon, 14 Aug 2023 10:04:03 GMT
server
AkamaiNetStorage
etag
"b184801a43731ca8986613e84a864225:1692011389.896442"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
3654
expires
Mon, 14 Aug 2023 16:49:58 GMT
886.2ecc6b389f48ff569d88.js
libs.outbrain.com/video/obVideo/current/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/obVideo/current/886.2ecc6b389f48ff569d88.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8a1b9a22e4927c75aaf0d707bb489739f4be27f502a1d5ffa4c8819f3bcae086

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
gzip
last-modified
Mon, 14 Aug 2023 10:04:03 GMT
server
AkamaiNetStorage
etag
"fbaacef6414128f600e80103a7f99e55:1692011393.54284"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
4962
expires
Mon, 14 Aug 2023 16:49:58 GMT
822.6e9355ca91d9daf71242.js
libs.outbrain.com/video/obVideo/current/ 		158 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/obVideo/current/822.6e9355ca91d9daf71242.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
81d064926cee91fd88a624d7dea8c312dfd196dcab565b0495a08369a18cbafc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
gzip
last-modified
Mon, 14 Aug 2023 10:04:03 GMT
server
AkamaiNetStorage
etag
"266d5b08bf7c8cf5705b7ac67022be4f:1692011392.948014"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
149
expires
Mon, 14 Aug 2023 16:49:58 GMT
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ 		59 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/480-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
337113dca5dca51e06e8f52436146d9bdea02a50f6f442085c9d1540079630dd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
x-post-id
26570027
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
9221dbf5-e9ec-44c1-b0d4-bb1aa758a98a
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfd0Zad2JJZlZIcUJOIiwiZGlzcGxheV9uYW1lIjoiUHVycGxlQ2FjdHVzIiwidXNlcl9uYW1lIjoiUHVycGxlQ2FjdHVzIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI1B1cnBsZS1DYWN0dXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjkyMDE3Mzk4LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwODE0QjkzN2ZTLmZiZmJkYjBjMzA0OTAwODUxMmZlNjk1MDkxOGQ0ZTUxYjNmZTBhOTk3MjRkMTExNzhlMzhlY2FhOTE5NGU1YTMiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfNkNlTHNSNjZJWlNFVGVHemROd0kiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzIwNDM5Mzk4LCJzdWIiOiJ1X3dGWndiSWZWSHFCTiJ9.XqGqYvTs-SC8qKT3nVbHaK7JLlqdWgEjAXQ5-nbeRaA
content-length
59
x-spotim-token
01230814B937fS.fbfbdb0c3049008512fe6950918d4e51b3fe0a99724d11178e38ecaa9194e5a3
x-request-id
138b7475-3aa1-11ee-8017-4e8aa136df61
x-guid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
server
fasthttp
x-spotim-device-v2
d_6CeLsR66IZSETeGzdNwI
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
x-amz-cf-id
VJ-KjH-ciTIPr0WKdFqn7DWQwLp_NCa6963qjq97FM8VxPUaiUA4lA==
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 14 Aug 2023 12:49:58 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 b5fe18267507cb61755963d8928a60f4.cloudfront.net (CloudFront)
x-amz-cf-id
Cv7OIvKX4dkwPApVyLO0xh1wBfPLK1UtQU5zhZ7Fgg2S9YAyZak8Lg==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
usync.js
eus.rubiconproject.com/ Frame 65B4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79174ee77b6396cce4fcb7cb25caa2eef27936e6d5dc920a88ea4dfe47e179cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Aug 2023 09:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75189
Connection
keep-alive
Content-Length
10116
Expires
Tue, 15 Aug 2023 09:43:07 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-17ba9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 15 Aug 2023 12:49:58 GMT
csi
csi.gstatic.com/ Frame 0C37 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~llavgyfi&c=4711511821746&slotId=2355755910873&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:821::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_sync
elb.the-ozone-project.com/ Frame E226 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=e27f856b-b396-4c82-98f1-d0573477e720&publisherId=OZONENYP0001&siteId=1500000033&cb=1692017396666&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538a0d2d49d8a0a799bb45763418866fdf94e5ed7dfde0b681ee1a7fc4b2b08

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=e27f856b-b396-4c82-98f1-d0573477e720&publisherId=OZONENYP0001&siteId=1500000033&cb=1692017396666&bidder=ozone
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f695225894c8daf-MIA
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2B9D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34068
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 14 Aug 2023 12:49:58 GMT
expires
Mon, 14 Aug 2023 22:17:46 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=6125384915149995829
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=6125384915149995829
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:59 GMT
Server
Adtelligent
Etag
6727deaf8a61a4e5
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
an-x-request-uuid
dc0ca2b1-4b25-4c9e-b49f-19768c272cce
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=6125384915149995829
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
partner
sync.search.spotxchange.com/ 		0
0
csync
sync.spotim.market/
Redirect Chain
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-uHIRbmdE2uF6igFf13hTFan0Fo_yG9kD~A
43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-uHIRbmdE2uF6igFf13hTFan0Fo_yG9kD~A
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:59 GMT
Server
Adtelligent
Etag
6727deaf8a61a4e5
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-uHIRbmdE2uF6igFf13hTFan0Fo_yG9kD~A
date
Mon, 14 Aug 2023 12:49:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
partner
sync.search.spotxchange.com/ 		0
0
710530.gif
di.rlcdn.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di.rlcdn.com/710530.gif
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.17 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
c
ids.cdnwidget.com/ 		470 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=128171094&GCS2=ZjcyMjkyZWUtY2M2ZS00ZjNhLTg2ZmEtODQ1MDExNjQ3ZGQ0LmxvY2Fs&pe=false&wsid=2045&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A2045%2C%22loadID%22%3A%22aiKhvVBH3hpsj0x%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A39%2C%22IDStageStart%22%3A40%2C%22obsReqview%22%3A446%2C%22obsReqpage%22%3A447%2C%22obsReqdata%22%3A448%2C%22netComplete%22%3A1888%2C%22IDStagePrefire%22%3A1888%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A-10%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A3597984204655002310%2C%22visitid%22%3A1692017398043911%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_0c63e4216cfe4fb383696453c6313332.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.191.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.191.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2f503d94cd0377b30ad4a5e30b03f64d8beb7b5ad5ed502a97a0eb3cdb85b375

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 14 Aug 2023 12:49:58 GMT
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=480002458&e=ae&n=6190681332056689&abc=1&abt=128_sendDomainToFeedsOn&aid=wExvYnLyEeyygEIIgluVXw&amp=0&ask=FTyzwZMf&at=1&c=1&ccp=0&cp=0&d=1&eb=0&ed=6&emi=1bm2gucf42io&i=0&id=ScrNykYo&lid=fv1g2g1ei5g1&lsa=read&mt=1&pbd=1&pbr=1&pgi=165shgxsi7j7&ph=1&pid=SPdDOYds&pii=0&pl=413&plc=1&pli=11ybb8kg0o77&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&pu=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&pv=8.27.1&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Today%27s%20Video%20Headlines%3A%208%2F13%2F23&tv=3.43.0&vb=1&vi=0.92&vl=90&wd=734&ab=1&abid=n7tesuc6j9d5&adi=n7tesuc6j9d5&apid=n7tesuc6j9d5&awi=1&awc=1&p=0&pc=0&pi=0&pr=2&vu=securepubads.g.doubleclick.net&aec=21009&apt=1&ato=10000&atu=https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgampad%2Fads%3Fenv%3Dvp%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_st&ec=900&fed=W5xXwQyA&iu=%2F5850%2Fpost.videoplayer%2Fjw&sa=1692017398695
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760020-MIA
date
Mon, 14 Aug 2023 12:49:58 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1381752064&t=event&_s=4&dl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&ul=en-us&de=UTF-8&dt=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Error&ea=Today%27s%20Video%20Headlines%3A%208%2F13%2F23%20%7C%2054%20seconds%20%7C%202023-08-13&el=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&_u=aHBAiEAjBAQCAGAAI~&jid=&gjid=&cid=1624615099.1692017395&tid=UA-3922003-6&_gid=853817950.1692017395&cd88=1624615099.1692017395&cd8=desktop&cd3=facebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter&cd2=Fox%20Business&cd1=article&cd5=standard&cd6=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%2C%20documents%20reveal&cd7=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%3A%20documents&cd12=Secret%20Service%20tracking%20OnlyFans%2C%20Pinterest%2C%20Twitch%20websites%2C%20documents%20reveal&cd9=2023-04-13&cd10=04%3A%2035&cd11=26570027&cd4=news&cd15=secret%20service&cd87=Outbrain%20Guarantee&cd16=349&cd17=no&cd40=no&cd44=no&cd54=true&cd76=In-line&cd21=yes&cd46=false&cg1=article&cg2=news&cg3=nypost.com&cd25=&cd28=SPdDOYds&cd35=no&cd36=1&cd43=featured&cd22=ScrNykYo&cd23=Sun%20Aug%2013%202023&cd24=news%2Cfair%20use%2CTODAYS-HEADLINES%2CHeadlines%3A%20no-playlist&cd26=video%20landing%20page&cd38=1&z=1976775808
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 09:41:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11285
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ScrNykYo.m3u8
cdn.jwplayer.com/manifests/ 		2 KB
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/manifests/ScrNykYo.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:7600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
f3742a76c1e6a72fc523661302c2d4bf56cdb5219d8ebcb8a8bef303eb72d17c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:47:04 GMT
content-encoding
gzip
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-C1
age
174
x-cache
Hit from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
433
x-amz-cf-id
NzHXgPmUE4BJQ2e-G9Kv5B-sYMM_ld0jhdRZ5ZcGbf48KA4ungRCrg==
/
hde.tynt.com/deb/ Frame 1A41
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26g...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_cons...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_con...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
03427adb761dfb1ebff7f637175dee936c1baa5eec7dfcc2664109d5bb4ed6ab

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1738
content-type
text/html
date
Mon, 14 Aug 2023 12:49:58 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 14 Aug 2023 12:49:58 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
container.html
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 06C0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:49:58 GMT
expires
Tue, 13 Aug 2024 12:49:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A761 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:49:58 GMT
expires
Tue, 13 Aug 2024 12:49:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A17B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:49:58 GMT
expires
Tue, 13 Aug 2024 12:49:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F85 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:49:58 GMT
expires
Tue, 13 Aug 2024 12:49:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-e09f10f-a7b8af42.js
tagan.adlightning.com/nc-nypost/ Frame 067A 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e68d4edfd3b5b56d6eed01e4eb7dbf84b09cbedf45b75e469efd0037d1f18e8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 04:25:16 GMT
content-encoding
gzip
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
x-amz-version-id
6k5eMeThttbKLkbqFc7t6mVojRaDpPI7
x-amz-cf-pop
EWR53-C3
age
30284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30187
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:32:15 GMT
server
AmazonS3
etag
"e38307f2b2c7da81aa3de8af486f6e21"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
gOlOVF45aphsJnXBNr2A_HxyQbzNeKXwjK42qpUJoZ6Co6dRO3K9aQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 067A 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:59 GMT
b-e09f10f-a7b8af42.js
tagan.adlightning.com/nc-nypost/ Frame 4EF7 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e68d4edfd3b5b56d6eed01e4eb7dbf84b09cbedf45b75e469efd0037d1f18e8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 04:25:16 GMT
content-encoding
gzip
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
x-amz-version-id
6k5eMeThttbKLkbqFc7t6mVojRaDpPI7
x-amz-cf-pop
EWR53-C3
age
30284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30187
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:32:15 GMT
server
AmazonS3
etag
"e38307f2b2c7da81aa3de8af486f6e21"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
QP4lwqHgCm5XUNGkxMypuJuMn0I85nGtQE4cTOOnjGPel4wug4L-QQ==
ttj
ib.3lift.com/ Frame 4EF7 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=NYPost_Sidebar_native_header
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-10.ewr53.r.cloudfront.net
Software
/
Resource Hash
4baa448d3d6a16bf873b3c00a94e9e6bcc22b032ab6e3c9009565c9d14e893d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:40:23 GMT
content-encoding
gzip
via
1.1 e3fb879a67c14c7a96059b2b777ccbc8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
576
etag
"f9f190cf33eb3e45b564ccbf79c724bd2d2ab509"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
alt-svc
h3=":443"; ma=86400
content-length
4348
x-amz-cf-id
ERossKIh26ZBqJfuqJ_OUgcSBYZCaYsgifv3GbwiElTGKmqN2h8DIg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4EF7 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:59 GMT
async_usersync
ib.adnxs.com/ Frame 3729 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
an-x-request-uuid
1fde73ec-32b5-4ad4-ac44-7ab99a9fa461
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E96A 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
an-x-request-uuid
1583fae3-e520-4304-8804-c1c8552733f2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 6F54 		2 KB
927 B 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.169.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-169-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
479771a85779db725b9814cd4a738e5208f867ec7dee831a1516908ee1d46b1c

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 14 Aug 2023 12:49:59 GMT
etag
W/"0e0720b7475db248b8720039d506a2dab"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 7119 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame DB39 		717 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.5 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
11472afad36851ba300270bbb84522012221c5f2f1bfeef898004e303f7d2a22

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
717
content-type
text/html
date
Mon, 14 Aug 2023 12:49:58 GMT
usermatch
ssum-sec.casalemedia.com/ Frame D9ED 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
a0c05348e5bb7e479ae1cfed18c64809700bae84d1d5f21667b8c088aa67b814

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1745
Content-Type
text/html
Date
Mon, 14 Aug 2023 12:49:59 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 31AA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:49:59 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 14 Aug 2023 12:49:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5852 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34067
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 14 Aug 2023 12:49:59 GMT
expires
Mon, 14 Aug 2023 22:17:46 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 860C 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:9c00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
074ebccc3051fc1134d2fdebe572628923b61990cbbd1da47bdf1d8ff7ed200b

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Mon, 14 Aug 2023 12:49:59 GMT
server
istio-envoy
via
1.1 80bad22a3308bca7ca55a6da6a46dad4.cloudfront.net (CloudFront)
x-amz-cf-id
MxKHy1eHVPXFjGiZ2Am2nR214DwSO61k_5jyC7Xa23i_v98Nd4emWg==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
4
user-sync
sync.adkernel.com/ Frame A8E8 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1---&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef7876a6a4b27b0dedf4357ed8516a92dc5d887ee6f3b77e790f919ac0c0a74a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
1030
Content-Type
text/html; charset=utf-8
Date
Mon, 14 Aug 2023 12:49:59 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 85EC 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
88ff1b3a2afaa564847b178f44070d289af530835fa4d1baa92ae482a08c160f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Mon, 14 Aug 2023 12:49:59 GMT
server
istio-envoy
x-envoy-upstream-service-time
4
sync
ads.servenobid.com/ Frame 97AD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6125384915149995829
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6125384915149995829
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
an-x-request-uuid
6eecb991-89d0-4682-b365-da81c4d5a855
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=6125384915149995829
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 97AD
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HJkhbLZHRtsgZLtNTqiinddP
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HJkhbLZHRtsgZLtNTqiinddP
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=310&uid=HJkhbLZHRtsgZLtNTqiinddP
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sync
ads.servenobid.com/ Frame 97AD
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=HJkhbLZHRtsgZLtNTqiinddP
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HJkhbLZHRtsgZLtNTqiinddP
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 14 Aug 2023 12:49:59 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=HJkhbLZHRtsgZLtNTqiinddP
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cs
cs-server-s2s.yellowblue.io/ Frame 97AD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=7290121229
  • https://sync.1rx.io/usersync/turn/4086215225291572915?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-8473adf2-1b89-4704-a0af-ee0cafa...
  • https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://public.servenobid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Tengine
ETag
RX8473adf21b894704a0afee0cafa92d52005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Content-Type
text/html
Connection
keep-alive
sync
ads.servenobid.com/ Frame 97AD
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=969188718189332721
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=969188718189332721
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=969188718189332721
Date
Mon, 14 Aug 2023 12:49:59 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 97AD
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-82
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 97AD
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1---&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4613%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D1---%26A%3D50478a03-0398-43f7-86fc-e8df8347d808%26bid...
  • https://prebid.a-mo.net/cchain/0/4613?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=1---&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9M...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4613%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26u...
  • https://prebid.a-mo.net/cchain/1/4613?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=1---&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9...
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F4613%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D1---%26A%3D50478a0...
  • https://prebid.a-mo.net/cchain/4/4613?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=1---&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=adform&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI...
  • https://ads.servenobid.com/sync?pid=327&uid=50478a03-0398-43f7-86fc-e8df8347d808&us_privacy=1---&gdpr=0
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=50478a03-0398-43f7-86fc-e8df8347d808&us_privacy=1---&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=50478a03-0398-43f7-86fc-e8df8347d808&us_privacy=1---&gdpr=0
date
Mon, 14 Aug 2023 12:50:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 97AD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A
date
Mon, 14 Aug 2023 12:49:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 97AD
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-232b251a-73f7-38d2-b385-866b557f8a46
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-232b251a-73f7-38d2-b385-866b557f8a46
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-232b251a-73f7-38d2-b385-866b557f8a46
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 97AD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A
date
Mon, 14 Aug 2023 12:49:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 97AD
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1---&
  • https://ads.servenobid.com/sync?pid=351&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=351&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=351&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
date
Mon, 14 Aug 2023 12:49:59 GMT
content-length
0
sync
ads.servenobid.com/ Frame 97AD
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=3350189961523764000V10
0
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=3350189961523764000V10
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 14 Aug 2023 12:49:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=3350189961523764000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:49:59 GMT
sync
ads.servenobid.com/ Frame 97AD
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1---&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
  • https://ads.servenobid.com/sync?pid=328&uid=ca97df06-6c9e-4029-8a33-8a416c993787
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=328&uid=ca97df06-6c9e-4029-8a33-8a416c993787
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=328&uid=ca97df06-6c9e-4029-8a33-8a416c993787
Date
Mon, 14 Aug 2023 12:49:59 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
elb.the-ozone-project.com/ Frame E226
Redirect Chain
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%2...
  • https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=0b404d44-1ef0-08ca-124f-fb3dc2e750df&us_privacy=pbs-ozone
0
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=0b404d44-1ef0-08ca-124f-fb3dc2e750df&us_privacy=pbs-ozone
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=e27f856b-b396-4c82-98f1-d0573477e720&publisherId=OZONENYP0001&siteId=1500000033&cb=1692017396666&bidder=ozone
Protocol
H2
Server
104.18.6.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7f69522d4a868daf-MIA
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:59 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Origin
Content-Type
text/html; charset=utf-8
Location
https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=0b404d44-1ef0-08ca-124f-fb3dc2e750df&us_privacy=pbs-ozone
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
153
Expires
Thu, 01 Jan 1970 00:00:00 UTC
segment
api.permutive.com/adv/v2/ 		14 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:49:59 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
pubcid.php
hbx.media.net/ Frame B810 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Mon, 14 Aug 2023 12:49:59 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 13:19:59 GMT
sync
gum.criteo.com/ Frame B810 		88 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d0be3aa83c1b8be68b4c7fb1516e3700cc09303eacf88d315eca13f1605daf8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1306849
expires
60
cksync.html
contextual.media.net/ Frame FC60
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3350189961523764000V10%26type%3Drkt%26refUrl%3D%26vid%3D201739943733501899615237640...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3350189961523764000V10&type=rkt&refUrl=&vid=20173994373350189961523764000V10&ovsid=969188718189332721
235 B
658 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3350189961523764000V10&type=rkt&refUrl=&vid=20173994373350189961523764000V10&ovsid=969188718189332721
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Mon, 14 Aug 2023 12:49:59 GMT
expires
Mon, 14 Aug 2023 12:49:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 14 Aug 2023 12:49:59 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3350189961523764000V10&type=rkt&refUrl=&vid=20173994373350189961523764000V10&ovsid=969188718189332721
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cksync.php
contextual.media.net/ Frame B810
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3350189961523764000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=a74e574c38321b6&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D33...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3350189961523764000V10&type=con&refUrl=&vid=20173994373350189961523764000V10&ovsid=AAAMuSdE6J2fHANCmUS6AAAAAAA&expiration=1692103799&is_secure=true
61 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3350189961523764000V10&type=con&refUrl=&vid=20173994373350189961523764000V10&ovsid=AAAMuSdE6J2fHANCmUS6AAAAAAA&expiration=1692103799&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 12:50:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:50:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3350189961523764000V10&type=con&refUrl=&vid=20173994373350189961523764000V10&ovsid=AAAMuSdE6J2fHANCmUS6AAAAAAA&expiration=1692103799&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cs
cs.yellowblue.io/ Frame B810
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3350189961523764000V10%26type%3Dr1%26refUrl%3D%26vid%3D20173994373350189961...
  • https://ad.turn.com/r/cs?pid=45&rndcb=2478565048
  • https://sync.1rx.io/usersync/turn/4086215225291572915?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://contextual.media.net/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Tengine
ETag
RX8473adf21b894704a0afee0cafa92d52005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs.yellowblue.io/cs?aid=11599&id=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Content-Type
text/html
Connection
keep-alive
cksync
cs.media.net/ Frame B810
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzM1MDE4OTk2MTUyMzc2NDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEAd430h0QrBN59qV5xXs-WM&google_cver=1
61 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEAd430h0QrBN59qV5xXs-WM&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:49:59 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEAd430h0QrBN59qV5xXs-WM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame B810
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3350189961523764000V10%26type%3Ddxu%26refUrl%3D%26vid%3D20173994373350189961523...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3350189961523764000V10%26type%3Ddxu%26refUrl%3D%26vid%3D20173994373350189...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3350189961523764000V10&type=dxu&refUrl=&vid=20173994373350189961523764000V10&ovsid=b7GxuppY1Qvx1d5
61 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3350189961523764000V10&type=dxu&refUrl=&vid=20173994373350189961523764000V10&ovsid=b7GxuppY1Qvx1d5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 12:50:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:50:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:49:59 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0c3405553160fb37b@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3350189961523764000V10&type=dxu&refUrl=&vid=20173994373350189961523764000V10&ovsid=b7GxuppY1Qvx1d5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame B810
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=43438add-310c-42c6-a606-253d769a587a
61 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=43438add-310c-42c6-a606-253d769a587a
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 12:50:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:50:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:58 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=43438add-310c-42c6-a606-253d769a587a
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1110379
content-length
0
expires
Mon, 14 Aug 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame B810
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=df42ed37-b5c3-41cf-a6a0-9e25fb4c785b&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&gdpr_pd=
61 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 12:50:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:50:03 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 14 Aug 2023 12:50:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame B810
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKKJIWUEY3SGJNGOUCTLJXXM2RQIZNDS...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=JJ-Bcr2ZgPSZovj0FZ9Phttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=201739943733501899615237...
60 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=JJ-Bcr2ZgPSZovj0FZ9Phttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=20173994373350189961523764000V10&vsid=3350189961523764000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 12:50:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:50:01 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=JJ-Bcr2ZgPSZovj0FZ9Phttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=20173994373350189961523764000V10&vsid=3350189961523764000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame B810 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:59 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame B810
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3350189961523764000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=8759a31e-b0b9-4b35-8fbe-32318a0f4a18&cs=1
61 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=8759a31e-b0b9-4b35-8fbe-32318a0f4a18&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 12:50:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:50:00 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=8759a31e-b0b9-4b35-8fbe-32318a0f4a18&cs=1
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
710489.gif
id.rlcdn.com/ Frame B810 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame B810
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=885e676c-3a70-45fe-acfc-e7ad294a43e8
61 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=885e676c-3a70-45fe-acfc-e7ad294a43e8
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:49:59 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=885e676c-3a70-45fe-acfc-e7ad294a43e8
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
cksync.php
contextual.media.net/ Frame B810
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=medianet
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=nbVMDximHKFhSA45Jmrh&pi=medianet
61 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=nbVMDximHKFhSA45Jmrh&pi=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 12:50:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:50:00 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=nbVMDximHKFhSA45Jmrh&pi=medianet
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT, Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
src_next_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.21.1/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.21.1/src_next_index_tsx-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ee0a0af2086d2d7842764f77c154b9235587cf9ba0b961cb2b4d692405a4009

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
EJUKuDThFHqx4z64K_smKlRLYYBpdIzw
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 06:04:22 GMT
last-modified
Wed, 19 Jul 2023 05:10:34 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
24338
x-amz-server-side-encryption
AES256
etag
W/"5976e9d633d279e5719ef0f80447f593"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
ACOo6rSfM1lyk-8Yytwnb7s6oOQON5HkqAo-pWQKdrKORVC4ajzmjQ==
conversation-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.82.22/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.82.22/conversation-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
325600cdfabdb5abad38c4ea373c47bb8654dceb653dd4e0fdf71d0f78336b9c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 09:15:26 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
CGE1XaTlS5N03WjvdGgpPHjNV.eKSP9w
x-amz-cf-pop
JFK52-P1
age
1913674
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14689
last-modified
Wed, 19 Jul 2023 05:05:15 GMT
server
AmazonS3
etag
"fd32d049a6d8d546e153e2b4272b5f9a"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_w37u30TLJ-Ip4bzc7cQnP4P_h767MMbrVIIY7wu_IfVW96Sj6JOTA==
reactions-bundle.js
static-cdn.spot.im/production/reactions/tags/v4.3.1/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.3.1/reactions-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d047924f28a6f7da65cccee885e334a961441c4b02f584286034114f8da8ea1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
EbB_2CRncB0FdXJG_LRcWZlE5YumeTHa
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 08:46:26 GMT
last-modified
Thu, 29 Dec 2022 10:32:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
14784
x-amz-server-side-encryption
AES256
etag
W/"687726c1e6689b01bd911121a3561f85"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
ssUgjGptOEnRQpfHNQW6Azh2-2Ok7TRkxcvDTjdiiXtdPIqAla1Hzg==
ec24cb303220fcfc94f8.svg
static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/ 		3 KB
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/ec24cb303220fcfc94f8.svg
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 09:15:26 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
0zFHWFz8oTnJkaWRo5LJoIYrkbnxX_Q4
x-amz-cf-pop
JFK52-P1
age
1913674
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
549
last-modified
Wed, 19 Jul 2023 12:42:54 GMT
server
AmazonS3
etag
"2fb4c511e325b1064ff9babf599fbcee"
vary
Origin
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
kJpXm9-F7PacZo865XnoL0Zu8ErpTydKiZHYuF2S9B8LbcTHOKAiJA==
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=06878540842704588&referrer=&cht=ot&marketerId=00c0feecc40196b47a738de28ad44794ac&name=PAGE_VIEW&dl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:59 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
db86abdaf92a8fee62036115e23ee3ef
Content-Length
54
Content-Type
image/gif;
cachedClickId
tr.outbrain.com/ 		35 B
220 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00c0feecc40196b47a738de28ad44794ac,00c0feecc40196b47a738de28ad44794ac
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
br
X-TraceId
5197ee7d5b1b71fa571bcb9c648a7676
Content-Length
39
Content-Type
application/javascript
00c0feecc40196b47a738de28ad44794ac
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00c0feecc40196b47a738de28ad44794ac
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
gzip
ob-sent-time
1691603993195
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-rg
NA
cache-control
max-age=60
x-cc
US
x-traceid
d95fd52b358e7834cd66d2e701bff880
content-length
22
expires
Mon, 14 Aug 2023 12:50:59 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F02F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
1670ee422d780fa3b73c0c8710eaaabad3bb445574e9e0efd7195391e2ffb807

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1807
Content-Type
text/html
Date
Mon, 14 Aug 2023 12:49:59 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame 1CC2 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
62e7add37de51562a82b49367fb7675f5de0b6b11826fee827166e269cfc5734

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1593
Content-Type
text/html
Date
Mon, 14 Aug 2023 12:49:59 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-114.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 07:07:11 GMT
via
1.1 cedbf7a51c689bd1e26af4b73768d270.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
20569
etag
"643378ef8a85df26380de21f9beb58ba"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4550
x-amz-cf-id
A6Sdobrn9QBUst11jpyYESSf4Tw33YRh39lJQN9UlrDjbX1lj7YV5g==
sync
ads.servenobid.com/ Frame DB39 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=8978801468337922557&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame DB39
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC...
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=JJ-Bcr2ZgPSZovj0FZ9P
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=JJ-Bcr2ZgPSZovj0FZ9P
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.105.12.137 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=JJ-Bcr2ZgPSZovj0FZ9P
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame DB39
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7267159384384272534&gdpr=0&gdpr_consent=
43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7267159384384272534&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.105.12.137 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7267159384384272534&gdpr=0&gdpr_consent=
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
sync.targeting.unrulymedia.com/csync/ Frame DB39
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=8220879763
  • https://sync.1rx.io/usersync/turn/4086215225291572915?dspret=1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:01 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame DB39
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=43438add-310c-42c6-a606-253d769a587a&gdpr=0&gdpr_consent=
43 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=43438add-310c-42c6-a606-253d769a587a&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.105.12.137 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=43438add-310c-42c6-a606-253d769a587a&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1069638
content-length
0
expires
Mon, 14 Aug 2023 00:00:00 GMT
bl-0211e21-8e8d3089.js
tagan.adlightning.com/nc-nypost/ Frame 06C0 		70 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-0211e21-8e8d3089.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bdec2c2ad47a9294d4692739fe33d05a37b89967be1e597306be24bb84515c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 04:25:16 GMT
content-encoding
gzip
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
x-amz-version-id
ZzPD82MtfkyzXFf5Yjqqbf_nNhzd6ury
x-amz-cf-pop
EWR53-C3
age
30284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30114
x-amz-meta-git_commit
0211e21
last-modified
Sat, 12 Aug 2023 11:31:12 GMT
server
AmazonS3
etag
"db9187ac33943a893b5ebac7e271ab39"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
GG13wYdcXEev_GPydJy1Rw6bMG05KOvToz7Nx-kYWhkOP8Ym0M835g==
b-e09f10f-a7b8af42.js
tagan.adlightning.com/nc-nypost/ Frame 06C0 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e68d4edfd3b5b56d6eed01e4eb7dbf84b09cbedf45b75e469efd0037d1f18e8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 04:25:16 GMT
content-encoding
gzip
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
x-amz-version-id
6k5eMeThttbKLkbqFc7t6mVojRaDpPI7
x-amz-cf-pop
EWR53-C3
age
30284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30187
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:32:15 GMT
server
AmazonS3
etag
"e38307f2b2c7da81aa3de8af486f6e21"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
H5EX35dqQsfQArHLBgk11laY_0zH3OcwADQtvdtzcUts5gjugm-E3A==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 06C0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AUrGuvn79bPsQIG39VL1nGLDTnDhi32MoX8lLMH1PMvG1tNcloUD9GY77AGJatK6pYpyV-LP_5NiwG3YAAhCgIT7-veYKHhTs_TtAr4hG4A7wfetY
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 06C0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8767548886201323390&x=1&ct=76
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 06C0 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 06C0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
36794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:36:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 06C0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
36792
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:36:47 GMT
l
www.google.com/ads/measurement/ Frame 06C0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsa4-SVPyTC9vlkoa_M9ad4gkh23QJOpCE3JGEsxHSuKJvFtkilpbh10wt-c4W0XkQw-kqbnKh_NZYTfKwCQsxnLWB6Q
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 06C0 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:59 GMT
bl-0211e21-8e8d3089.js
tagan.adlightning.com/nc-nypost/ Frame A761 		70 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-0211e21-8e8d3089.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bdec2c2ad47a9294d4692739fe33d05a37b89967be1e597306be24bb84515c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 04:25:16 GMT
content-encoding
gzip
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
x-amz-version-id
ZzPD82MtfkyzXFf5Yjqqbf_nNhzd6ury
x-amz-cf-pop
EWR53-C3
age
30284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30114
x-amz-meta-git_commit
0211e21
last-modified
Sat, 12 Aug 2023 11:31:12 GMT
server
AmazonS3
etag
"db9187ac33943a893b5ebac7e271ab39"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
H8tjTc32wjndD2ypGv0m--xBKASSaAuDZM91GGl7BglKzKqMv77RUw==
b-e09f10f-a7b8af42.js
tagan.adlightning.com/nc-nypost/ Frame A761 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e68d4edfd3b5b56d6eed01e4eb7dbf84b09cbedf45b75e469efd0037d1f18e8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 04:25:16 GMT
content-encoding
gzip
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
x-amz-version-id
6k5eMeThttbKLkbqFc7t6mVojRaDpPI7
x-amz-cf-pop
EWR53-C3
age
30284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30187
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:32:15 GMT
server
AmazonS3
etag
"e38307f2b2c7da81aa3de8af486f6e21"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Mt1khhdnN6Z7sTC2ZYsWKNb9oPtKbIXw5tMN9HEbt_1cC2CM3Mpkmw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame A761 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COXh7oF6dKvTzmZr7_7x1qRhIHD8pMHQG_7GT4AhxzLN600hnkcEtptBFXPHy40J6OLSYYhMYoywPQ_8AwiXCSVI2gZDM0J3ZUqRsBaf0dv3AI-lQ
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A761 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5394226090910107919&x=1&ct=76
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A761 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame A761 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
36794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:36:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame A761 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
36792
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:36:47 GMT
l
www.google.com/ads/measurement/ Frame A761 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQn0xtfCN1i2-7lYqIIcg_ZTxHrTy2j425s0rVO37ZNw9pylXN7dJEkIdApaz9iWTwUI9Tbw_6FUz3EtrRWD7hSrtCtUw
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A761 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:59 GMT
bl-0211e21-8e8d3089.js
tagan.adlightning.com/nc-nypost/ Frame A17B 		70 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-0211e21-8e8d3089.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bdec2c2ad47a9294d4692739fe33d05a37b89967be1e597306be24bb84515c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 04:25:16 GMT
content-encoding
gzip
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
x-amz-version-id
ZzPD82MtfkyzXFf5Yjqqbf_nNhzd6ury
x-amz-cf-pop
EWR53-C3
age
30284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30114
x-amz-meta-git_commit
0211e21
last-modified
Sat, 12 Aug 2023 11:31:12 GMT
server
AmazonS3
etag
"db9187ac33943a893b5ebac7e271ab39"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
zEAKRD7De-F14dx6oPbGfRDD4F2dfBHthBKHOR_gv9lEbWy_rOKowA==
b-e09f10f-a7b8af42.js
tagan.adlightning.com/nc-nypost/ Frame A17B 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e68d4edfd3b5b56d6eed01e4eb7dbf84b09cbedf45b75e469efd0037d1f18e8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 04:25:16 GMT
content-encoding
gzip
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
x-amz-version-id
6k5eMeThttbKLkbqFc7t6mVojRaDpPI7
x-amz-cf-pop
EWR53-C3
age
30284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30187
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:32:15 GMT
server
AmazonS3
etag
"e38307f2b2c7da81aa3de8af486f6e21"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Dc6MoefyZuzsTDNyYG1I17rleqvQ3wJm-ivlf7uWCPEzduPWLSRcng==
gen_204
pagead2.googlesyndication.com/pagead/ Frame A17B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CozIvocDIS9dV8sbRumvISqeJzUw0nwnK_C_-lhBy9ZQ-jeIh7hoi3a6cVYlEv9Mxzz67voNabyBKjGddfurvPIlnD9RAhUzeej4zOE1E32VJT4H0
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A17B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=324828734998716231&x=1&ct=76
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A17B 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame A17B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
36794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:36:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame A17B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
36792
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:36:47 GMT
l
www.google.com/ads/measurement/ Frame A17B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZ4qyjDjvnt8xZ4oMPfGg5ebJ6f7pDArBcl3ZkC0eiiiSB0D_2MzN0TLHcFJhL9igu0LTD1NiIxvqvrRHyh_U4l0780w
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A17B 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:59 GMT
bl-0211e21-8e8d3089.js
tagan.adlightning.com/nc-nypost/ Frame 7F85 		70 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-0211e21-8e8d3089.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bdec2c2ad47a9294d4692739fe33d05a37b89967be1e597306be24bb84515c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 04:25:16 GMT
content-encoding
gzip
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
x-amz-version-id
ZzPD82MtfkyzXFf5Yjqqbf_nNhzd6ury
x-amz-cf-pop
EWR53-C3
age
30284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30114
x-amz-meta-git_commit
0211e21
last-modified
Sat, 12 Aug 2023 11:31:12 GMT
server
AmazonS3
etag
"db9187ac33943a893b5ebac7e271ab39"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
lZLe7LlLMKEVzJLuSlsQ0fOwFreYsmH_cWSikuM4GjntuuhcTAtFbA==
b-e09f10f-a7b8af42.js
tagan.adlightning.com/nc-nypost/ Frame 7F85 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e68d4edfd3b5b56d6eed01e4eb7dbf84b09cbedf45b75e469efd0037d1f18e8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 04:25:16 GMT
content-encoding
gzip
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
x-amz-version-id
6k5eMeThttbKLkbqFc7t6mVojRaDpPI7
x-amz-cf-pop
EWR53-C3
age
30284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30187
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:32:15 GMT
server
AmazonS3
etag
"e38307f2b2c7da81aa3de8af486f6e21"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
bt6d6s4ANQnN65CKS7za-fRmE3TiBrkA2BL1YnYdjN7NetytG9wXJg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F85 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQH3uG22oKdEXbKE2oCfdnatIdNE21EdqiEGxgJS3eecCDs65_Xtea7ik04VYX25nfpDCAezjSkk8eemdxRAlRzv2C2lh92r0MPVCYSsTCWrOa4Ts
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F85 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=881002894574673731&x=1&ct=76
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7F85 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 7F85 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
36794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:36:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 7F85 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
36792
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:36:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7F85 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 067A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfNoyYU82RYHOI52QKs0RTqT4ddFSUu1ON89ohfrJsHwbQmG_dddU70bKvCOZ813_Z9U3hYSfqLIow2xbT4chqmukcxWNPv2rBOAvVn4-KCRaikCbH9s3borRF-xYsmBsNAVpoFI-STFTogGMin7pdWiv842GNp_5BOWpaBO-RgtVdIoaenh-s-mo2WeyDsYsTKeEqNUAK9ambKqegD9fqkN5tnpnl9QnLmrhub58RSDDoFJOKyPmxdk8chgVNm7h4C7XX6efqZpnGuIREOJ0WHlBMt_INo2mUO0db31hVZKeHyR9VT5rL9pPkYkq7q_UakFRNrsNFAW1tLTzN2QLz&sai=AMfl-YRM4JOT1Axq74BFZlOjV_A8EESpLorrwev3F3eSf6sF4CflPm_RcP6R4xya8Ea9N3v_uM3LOVQAAg0-Ry7qSum2hLgHLQp6PJv5iAwDZGkJSDuqyMMhaNw5iyRvidLXxK_7Rl8DtuCEi0r-3OaeqQ&sig=Cg0ArKJSzDvv9rmmdRZHEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
connatix.player.js
cds.connatix.com/p/313598/ Frame 8C8F
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/313598/connatix.player.js
1 MB
290 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/313598/connatix.player.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34f947462e57db099dfb1a87b6dfe310b1ee72d7bbd0a916589460e83bae42a8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
x-amz-version-id
Cu3O5WKZDsXRJJmvlHnXLpSIqoQdaRb4
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 14 Aug 2023 11:35:23 GMT
server
cloudflare
etag
W/"fb67f0f82dbc6f4034d3c0fa5ff707a2"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
7f69522f0b0b25a1-MIA
access-control-allow-headers
range
expires
Tue, 13 Aug 2024 12:50:00 GMT

Redirect headers

date
Mon, 14 Aug 2023 12:49:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
location
https://cds.connatix.com/p/313598/connatix.player.js
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
7f69522ccf9e25a1-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
si
capi.connatix.com/tr/ Frame 067A 		0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=8ae371c3-0e93-499d-a72c-f743029599b4
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f69522cce018dc1-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame 4EF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVcyKNTYskWrrGZzpq_76HE2Z-KMmYyzkPa18zbZM4P9RGtlI14DjsfH5GkIpOUnBtWVhfUVbYprsj7aNyu56izbf_KIeU2J67xAqDN5TkoBbeM0RGm-mpUN3G-d9VHlouKmeEmsqz2bCwoVTC5OvLdI5PCxx-kl70vRIzbxsNgghBKgefg1a6quzsgIFx-53PJSVCkrYMRlJ9kV3hJTug051rvYBum_GFNO3wFRbSidnnuu-mPVTjlzg1AcsZINHf7dgXkvjswHJoh-5oEwTlq-oB2EouhmrAcrbANiYsIaytgYGBmWlQRZsrnOSc_jHcaGP_NP5wOouUtefPEOsg&sai=AMfl-YRSkbFyQlD_vO7AUVSVOh_aw6EDwUhqseM3tfuGszSFku_PhKCdyVVMc09xWnrqNecRfX_fFfzN-4jUq92fiIEf3tVuucOFX_J2ZUiqmO6cKOALzH9U6JV_nAnEgIiElP7pFRWOq0P0L_Dj6lVr0g&sig=Cg0ArKJSzBGgXx6PicCdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D9ED 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame D9ED
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6125384915149995829
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6125384915149995829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
an-x-request-uuid
7a0d9b8e-9465-4e4b-a478-20473820e84b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6125384915149995829
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D9ED
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZNoi9QAIevMY0AAN
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZNoi9QAIevMY0AAN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-mia-kmia1760097-MIA
pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692017400.095203,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZNoi9QAIevMY0AAN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame D9ED
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4086215225291572915
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4086215225291572915
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4086215225291572915
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum.casalemedia.com/ Frame D9ED
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=ec9f51ba-a92d-4bc3-b528-5d83f3416cac
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=ec9f51ba-a92d-4bc3-b528-5d83f3416cac
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-servername
Track003-iad
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:21 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=ec9f51ba-a92d-4bc3-b528-5d83f3416cac
cache-control
private,no-cache
content-length
222
expires
-1
crum
dsum-sec.casalemedia.com/ Frame D9ED
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SSKFVBGG...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=JJ-Bcr2ZgPSZovj0FZ9P
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=JJ-Bcr2ZgPSZovj0FZ9P
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:01 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=JJ-Bcr2ZgPSZovj0FZ9P
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame D9ED 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1692017400229044-250
rum
dsum-sec.casalemedia.com/ Frame D9ED
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZNoi9Ggn7zBNSI16aEKdmQAA%263515&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=b4710917-0b04-4ba8-9535-9bcee0258555-tuctbd3a878
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=b4710917-0b04-4ba8-9535-9bcee0258555-tuctbd3a878
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=b4710917-0b04-4ba8-9535-9bcee0258555-tuctbd3a878
date
Mon, 14 Aug 2023 12:50:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67991
sync
ads.servenobid.com/ Frame D9ED 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 6F54
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=df42ed37-b5c3-41cf-a6a0-9e25fb4c785b&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 14 Aug 2023 12:50:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 6F54
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&obuid=ENC(KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DKQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5X...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=9ee49186-746a-4a99-b9ae-326ad01ba3bd&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=$CONSNT_S...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=9ee49186-746a-4a99-b9ae-326ad01ba3bd&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:04 GMT
Cache-Control
no-cache
X-TraceId
e4faac742e5e7bd31eed0276ca8eaad1
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=9ee49186-746a-4a99-b9ae-326ad01ba3bd&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:50:03 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 6F54
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_46728c7c51484919aba18
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_46728c7c51484919aba18
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_46728c7c51484919aba18
date
Mon, 14 Aug 2023 12:49:59 GMT
content-type
image/gif
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 6F54
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8978801468337922557
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8978801468337922557
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8978801468337922557
date
Mon, 14 Aug 2023 12:49:59 GMT
content-length
0
sync
ads.servenobid.com/ Frame 6F54 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
sync.targeting.unrulymedia.com/csync/ Frame 85EC
Redirect Chain
  • https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=6798550393
  • https://sync.1rx.io/usersync/turn/4086215225291572915?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:01 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
cs
cs-server-s2s.yellowblue.io/ Frame 85EC
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=2ec00d2e-f53c-465e-92d3-2beaa816ca85
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Date
Mon, 14 Aug 2023 12:49:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs-server-s2s.yellowblue.io/ Frame 85EC
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11575%26uid%3D%5BUSER_ID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=2129E09A41B14F3196FBE4892007BDC9
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=2129E09A41B14F3196FBE4892007BDC9
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Mon, 14 Aug 2023 12:50:00 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=2129E09A41B14F3196FBE4892007BDC9
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
x-varnish
835505918
access-control-allow-credentials
true
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 85EC
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2f790f6bcd1823d0&is_secure=true&networkId=17100&version=1&nuid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMgybzHMEkcQMa0loRAAAAAAA&expiration=1692103801&nuid=68531A78-C812-44CF-A2C6-1C611A476111&...
42 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMgybzHMEkcQMa0loRAAAAAAA&expiration=1692103801&nuid=68531A78-C812-44CF-A2C6-1C611A476111&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 14 Aug 2023 12:50:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMgybzHMEkcQMa0loRAAAAAAA&expiration=1692103801&nuid=68531A78-C812-44CF-A2C6-1C611A476111&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cs
cs-server-s2s.yellowblue.io/ Frame 85EC
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=5TsF0pv5gg6c&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=5TsF0pv5gg6c&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=5TsF0pv5gg6c&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f79b8d6bf-rnvd6
expires
-1
cs
cs.yellowblue.io/ Frame 85EC
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=8978801468337922557&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=8978801468337922557&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=8978801468337922557&gdpr=0&gdpr_consent=
date
Mon, 14 Aug 2023 12:49:59 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 85EC
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-82
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 85EC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=6125384915149995829&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=6125384915149995829&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
an-x-request-uuid
eeda1611-3a17-4e48-8d11-e88f74337343
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=6125384915149995829&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.yellowblue.io/ Frame 85EC
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=02b7552c669c0daad14cb542a333f7&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=02b7552c669c0daad14cb542a333f7&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=02b7552c669c0daad14cb542a333f7&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1692017400232037-105
cs
cs-server-s2s.yellowblue.io/ Frame 85EC
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3miJdzzTTJz59jIHRbNE&gdpr=0&gdpr_consent=&us_privacy=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3miJdzzTTJz59jIHRbNE&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3miJdzzTTJz59jIHRbNE&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.yellowblue.io/ Frame 85EC
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
date
Mon, 14 Aug 2023 12:50:00 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 85EC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=444b66c8-7f16-4fc1-ac62-c3839d97f4c6
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=444b66c8-7f16-4fc1-ac62-c3839d97f4c6
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Mon, 14 Aug 2023 12:50:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=444b66c8-7f16-4fc1-ac62-c3839d97f4c6
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
sync.targeting.unrulymedia.com/csync/ Frame 85EC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1660207985
  • https://sync.1rx.io/usersync/tradedesk/885e676c-3a70-45fe-acfc-e7ad294a43e8
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:03 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:01 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
cs
cs-server-s2s.yellowblue.io/ Frame 85EC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194590&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
cksync.php
contextual.media.net/ Frame 85EC 		61 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 12:50:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:50:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 85EC
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=d3b0ff90-af00-45c0-8b53-51476465188b&gdpr_consent=null&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=d3b0ff90-af00-45c0-8b53-51476465188b&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=d3b0ff90-af00-45c0-8b53-51476465188b&gdpr_consent=null&gdpr=0
date
Mon, 14 Aug 2023 12:50:00 GMT
server
_
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 85EC
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212236466587534
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212236466587534
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212236466587534
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
sync
ads.servenobid.com/ Frame 85EC 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=V83JJ1Ctkp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
user-sync
sync.adkernel.com/ Frame A8E8
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D578434%26t%3Dimage%26uid%3D%24UID%26us_privacy%3D1---
  • https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=6125384915149995829&us_privacy=1---
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=6125384915149995829&us_privacy=1---
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1---&
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
an-x-request-uuid
2ecdcb58-0ce2-4f5c-887f-dda7d5673028
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
//sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=6125384915149995829&us_privacy=1---
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
sync.targeting.unrulymedia.com/csync/ Frame 860C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority
  • https://ad.turn.com/r/cs?pid=45&rndcb=5785388252
  • https://sync.1rx.io/usersync/turn/4086215225291572915?dspret=1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:01 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=3miJdzzTTJz59jIHRbNE&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=3miJdzzTTJz59jIHRbNE&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=3miJdzzTTJz59jIHRbNE&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2ec00d2e-f53c-465e-92d3-2beaa816ca85&ssp=minutemedia&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596758823292913325&ssp=minutemedia&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=2ec00d2e-f53c-465e-92d3-2beaa816ca85
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21490&id=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
//cs.minutemedia-prebid.com/cs?aid=21490&id=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Date
Mon, 14 Aug 2023 12:50:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=9ee49186-746a-4a99-b9ae-326ad01ba3bd
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21489&id=9ee49186-746a-4a99-b9ae-326ad01ba3bd
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21489&id=9ee49186-746a-4a99-b9ae-326ad01ba3bd
access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:50:00 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pug
simage2.pubmatic.com/AdServer/ Frame 860C
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5630058156e82338&is_secure=true&networkId=17100&version=1&nuid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMgybzHMEkeANPQjKEAAAAAAA&expiration=1692103801&nuid=68531A78-C812-44CF-A2C6-1C611A476111&...
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMgybzHMEkeANPQjKEAAAAAAA&expiration=1692103801&nuid=68531A78-C812-44CF-A2C6-1C611A476111&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 14 Aug 2023 12:50:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMgybzHMEkeANPQjKEAAAAAAA&expiration=1692103801&nuid=68531A78-C812-44CF-A2C6-1C611A476111&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 860C
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4890%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50478a03...
  • https://prebid.a-mo.net/cchain/1/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=sovrn&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0y...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7015751175867750616
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:06 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Mon, 14 Aug 2023 12:50:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=8759a31e-b0b9-4b35-8fbe-32318a0f4a18
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21503&id=8759a31e-b0b9-4b35-8fbe-32318a0f4a18
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
//cs.minutemedia-prebid.com/cs?aid=21503&id=8759a31e-b0b9-4b35-8fbe-32318a0f4a18
date
Mon, 14 Aug 2023 12:50:00 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-232b251a-73f7-38d2-b385-866b557f8a46
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-232b251a-73f7-38d2-b385-866b557f8a46
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-232b251a-73f7-38d2-b385-866b557f8a46
pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
cache-control
no-store
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1&rts=-2274863974816928324
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=04899144-0d37-53e2-8a09-f160eed3d398
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=04899144-0d37-53e2-8a09-f160eed3d398
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=04899144-0d37-53e2-8a09-f160eed3d398
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
minute_media
cs.admanmedia.com/sync/ Frame 860C 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:01 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21496&id=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21496&id=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
date
Mon, 14 Aug 2023 12:50:00 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21501&puid=e619a086-6237-43e7-a4c9-07e5deaedcb9
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21501&puid=e619a086-6237-43e7-a4c9-07e5deaedcb9
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.minutemedia-prebid.com/cs?aid=21501&puid=e619a086-6237-43e7-a4c9-07e5deaedcb9
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://csync.loopme.me/?pubid=11556&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21511&id=04ecafb6-a0cb-4e90-9aab-6c7641426e22&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21511&id=04ecafb6-a0cb-4e90-9aab-6c7641426e22&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21511&id=04ecafb6-a0cb-4e90-9aab-6c7641426e22&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
date
Mon, 14 Aug 2023 12:50:00 GMT
server
_
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=689661242672352996219
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=689661242672352996219
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=689661242672352996219
date
Mon, 14 Aug 2023 12:50:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=8978801468337922557&gdpr=0&gdpr_consent=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=8978801468337922557&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=8978801468337922557&gdpr=0&gdpr_consent=
date
Mon, 14 Aug 2023 12:49:59 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3D...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3DOM7WC2LEHUZDCNJRGUTGK6DDNBQW4Z3FHVWWS3TVORSW2ZLENFQSM5LJMQ6UUSRNIJRXEMS2M5IFGWTPOZVDA...
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=JJ-Bcr2ZgPSZovj0FZ9P
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=JJ-Bcr2ZgPSZovj0FZ9P
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:02 GMT
Content-Type
text/html; charset=utf-8
Location
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=JJ-Bcr2ZgPSZovj0FZ9P
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
98
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21483%26id%3D%5BUSER_ID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21483&id=2129E09A41B14F3196FBE4892007BDC9
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21483&id=2129E09A41B14F3196FBE4892007BDC9
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Mon, 14 Aug 2023 12:50:00 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21483&id=2129E09A41B14F3196FBE4892007BDC9
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-varnish
807389218
access-control-allow-credentials
true
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=6125384915149995829
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=6125384915149995829
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
an-x-request-uuid
fecd2081-09a0-452a-ba11-06be8928dee1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=6125384915149995829
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZNoi9Ggn7zBNSI16aEKdmQAA%263515
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZNoi9Ggn7zBNSI16aEKdmQAA%263515
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZNoi9Ggn7zBNSI16aEKdmQAA%263515
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=3512985a-d76b-4dd0-9fbd-86e6fc3daa60
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=3512985a-d76b-4dd0-9fbd-86e6fc3daa60
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Mon, 14 Aug 2023 12:50:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=3512985a-d76b-4dd0-9fbd-86e6fc3daa60
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212236466587534
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212236466587534
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212236466587534
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID...
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=5TsF0pv5gg6c&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=5TsF0pv5gg6c&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=5TsF0pv5gg6c&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f79b8d6bf-rnvd6
expires
-1
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=HJkhbLZHRtsgZLtNTqiinddP
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21488&id=HJkhbLZHRtsgZLtNTqiinddP
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Mon, 14 Aug 2023 12:50:00 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cs.minutemedia-prebid.com/cs?aid=21488&id=HJkhbLZHRtsgZLtNTqiinddP
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-82
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 860C
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=319d01586de56a5b586bfe7d7e64dd29
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=319d01586de56a5b586bfe7d7e64dd29
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:02 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs.minutemedia-prebid.com/cs?aid=21502&id=319d01586de56a5b586bfe7d7e64dd29
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
13
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 860C 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=E7FJG1ktkp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
in
us.q2s15.com/v5/ 		2 B
170 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us.q2s15.com/v5/in
Requested by
Host: cdn.watchingthat.net
URL: https://cdn.watchingthat.net/us.wtat.plugin-jw_ima.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.205.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-205-49.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary1fvTOQbO45IUZqRU

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 14 Aug 2023 12:49:59 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
2
vary
Origin
content-type
text/plain; charset=utf-8
pixels
pix.spot.im/api/v1/ 		0
230 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-91.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
via
1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
1ASAwYn6FXQpv8n18gzqf5al0XkI2y09w0JV5r3MXci5ZAuzA2Oq5Q==
manifest-audio_eng=112056-video_eng=222542.m3u8
videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/manifest-audio_eng=112056-video_eng=222542.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
c3c3128cba06257f8bacf1fd0c0d884f3bc765c815c21b5e1d672cf803460568

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 14:08:25 GMT
via
1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
81695
x-cache
Hit from cloudfront
content-length
1160
server
Apache
etag
"usp-2F82D9A8"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
dBLKcX9Tm7xfutMKABXHXozGA55lp5LuocLuwOpT2WE5Oi80nzIxhA==
aniview.js
player.aniview.com/script/6.1/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1402:b800:78d::2c79 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3584ea9df907fa30b588127fd09db4b8f309a68dc181c4357a62830dff8943d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtadG4wFXJB9OQx0xa5I6-DtyWwfr91v5qY_VJS3p4p1pfLE8ApXL0HA-o5wdCbQl4E3LwDtdnoTWcS3T_DkxNjglen3Gfk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
13567
last-modified
Thu, 10 Aug 2023 14:53:46 GMT
server
UploadServer
etag
"f7945c165c2042ef415327fc68cb4b56"
vary
Accept-Encoding
x-goog-generation
1691679226042826
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=QvqIEw==, md5=95RcFlwgQu9BUyf8aMtLVg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
13567
accept-ranges
bytes
expires
Mon, 14 Aug 2023 12:59:59 GMT
vpts.js
static.vidazoo.com/basev/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/vpts.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b0ecd0b7c8e4db72578c8d28429bff3a47a2d8f306e3c9ecce4f34403b9ed83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
C3QQMF5FY2EN7Z84
age
49057
content-length
10884
x-amz-id-2
UFNvVQGAv8vW3PwLtu9ihWeAmGrNuFN7H/ybKaWmGbvvOKjKQkFFs4rPwKJ4UCt0YjWNTP54f2s=
last-modified
Tue, 08 Jun 2021 05:47:52 GMT
server
cloudflare
etag
"c5a750a1ed58c511f163f50523350222"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f69522ddbb44982-MIA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Tue, 15 Aug 2023 12:49:59 GMT
omp.min.js
libs.outbrain.com/video/outbrain-media-player/current/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/outbrain-media-player/current/omp.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ebff6c0185f82da56ae24b05179c5c24dcc630c5002ce833e7f7f53eca8a0df8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
gzip
last-modified
Tue, 08 Aug 2023 10:46:31 GMT
server
AkamaiNetStorage
etag
"960e0361e29d3558ee4e141672f42b6a:1691493079.927416"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
5785
expires
Mon, 14 Aug 2023 16:49:59 GMT
usync.js
eus.rubiconproject.com/ Frame 31AA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79174ee77b6396cce4fcb7cb25caa2eef27936e6d5dc920a88ea4dfe47e179cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Aug 2023 09:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75187
Connection
keep-alive
Content-Length
10116
Expires
Tue, 15 Aug 2023 09:43:07 GMT
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 32A4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.3.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:cc00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
649c937aa09a423947b473150880a77ca3c75e58c547e11d425325110e3f9420

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:32:57 GMT
x-amz-version-id
khzbv63B8WR6SPN8vZQwSklC5FaYaNbw
content-encoding
br
last-modified
Sun, 06 Aug 2023 15:32:29 GMT
server
AmazonS3
via
1.1 d98647edce17345f3d148190339e9d8c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"85b44254afeb4daabf9f185a1f8d8590"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
1024
x-amz-cf-id
hWuBGcaIe7Z_xvSr8CAj8v07fWBw8V2qqpxXe8AVi3rS3ItSkcGSUQ==
hb_270443_10247.js
player.spotim.market/prebidlink/470004/ Frame 32A4 		918 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/470004/hb_270443_10247.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
555cd03ff6898614166494825516fbaf15aadfb16f88611778b580257d120a24

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 12:50:00 GMT
date
Mon, 14 Aug 2023 12:50:00 GMT
content-encoding
gzip
last-modified
Tue, 08 Aug 2023 14:45:24 GMT
server
nginx
etag
W/"64d25504-396"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 32A4 		85 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f178859fa575ca6b65f4a221fec2c0f37194dbf8562a1c1f467151e08f38b110
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28664
x-xss-protection
0
server
cafe
etag
267 / 19583 / 31076935 / config-hash: 9566803040182507923
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:59 GMT
wrapper_hb_270443_10247.js
player.spotim.market/prebidlink/470004/ Frame 32A4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/470004/wrapper_hb_270443_10247.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
f2bed8001d93323f2d479a68e37d7ab22675434fdd31e60ce603407716fff0a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 12:50:00 GMT
date
Mon, 14 Aug 2023 12:50:00 GMT
content-encoding
gzip
last-modified
Tue, 08 Aug 2023 14:45:24 GMT
server
nginx
etag
W/"64d25504-863"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 4655 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.3.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:cc00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
649c937aa09a423947b473150880a77ca3c75e58c547e11d425325110e3f9420

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:32:57 GMT
x-amz-version-id
khzbv63B8WR6SPN8vZQwSklC5FaYaNbw
content-encoding
br
last-modified
Sun, 06 Aug 2023 15:32:29 GMT
server
AmazonS3
via
1.1 d98647edce17345f3d148190339e9d8c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"85b44254afeb4daabf9f185a1f8d8590"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
1024
x-amz-cf-id
g6TAJuD8bi0IdLudEYWr2LUQ58AkW5Y3fHxihO4XkUjekSkIk5pfyQ==
hb_270443_13401.js
player.spotim.market/prebidlink/470004/ Frame 4655 		918 B
784 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/470004/hb_270443_13401.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
155634641e0af9f8618778ad4385e5ecb1a8c61808b59d593963f9f6efc73bbb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 12:50:00 GMT
date
Mon, 14 Aug 2023 12:50:00 GMT
content-encoding
gzip
last-modified
Tue, 08 Aug 2023 14:51:22 GMT
server
nginx
etag
W/"64d2566a-396"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4655 		85 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3863276a33d1d80116435988b3ef289f0f2b2ada9ea368a07d0756022491f747
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28660
x-xss-protection
0
server
cafe
etag
84 / 19583 / m202308030102 / config-hash: 9566803040182507923
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:49:59 GMT
wrapper_hb_270443_13401.js
player.spotim.market/prebidlink/470004/ Frame 4655 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/470004/wrapper_hb_270443_13401.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78c4775acc252edf88fccc6bc27a0dda23a3bf315026411a4ed052bffcc2787c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 12:50:00 GMT
date
Mon, 14 Aug 2023 12:50:00 GMT
content-encoding
gzip
last-modified
Tue, 08 Aug 2023 14:51:22 GMT
server
nginx
etag
W/"64d2566a-863"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
bundle.js
ib.3lift.com/rev/bbfe464cfa202ee859a6cd5905b6a2a671e56747/dist/ Frame 4EF7 		192 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/bbfe464cfa202ee859a6cd5905b6a2a671e56747/dist/bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-10.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e89d2a2cf9ee12f1ea7af8c47450a484982bb1ab4d1c4e096624a6ae617d1c17

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 14:59:10 GMT
content-encoding
gzip
via
1.1 e3fb879a67c14c7a96059b2b777ccbc8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
597050
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
61870
last-modified
Mon, 07 Aug 2023 14:51:53 GMT
server
AmazonS3
etag
"d0869557762dad1bd87dacd8c0cea1fe"
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
38ZcZptwBL_jyikT0l33vHzWcDiFC9Chl0vjhmX_H30Q7w5CfomlrQ==
ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F02F 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:49:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame F02F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6125384915149995829&us_privacy=1---
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6125384915149995829&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
an-x-request-uuid
23c3fa4c-4eef-4518-9257-70101d851fe2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6125384915149995829&us_privacy=1---
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F02F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABIlE7JtEYAACU0N_3KsQ&expiration=1693227000&us_privacy=1---
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABIlE7JtEYAACU0N_3KsQ&expiration=1693227000&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABIlE7JtEYAACU0N_3KsQ&expiration=1693227000&us_privacy=1---
Date
Mon, 14 Aug 2023 12:50:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
user-registering
ads.stickyadstv.com/ Frame F02F 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1692017400292079-291
rum
dsum-sec.casalemedia.com/ Frame F02F
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=1---&gdpr=&gdpr_consent=&id=ZNoi9Ggn7zBNSI16aEKdmQAA%263515&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1fda57ea-2c09-4838-9cc1-26167d51b9d6-tuctbd3a878
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1fda57ea-2c09-4838-9cc1-26167d51b9d6-tuctbd3a878
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1fda57ea-2c09-4838-9cc1-26167d51b9d6-tuctbd3a878
date
Mon, 14 Aug 2023 12:50:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67991
index
dmp.brand-display.com/cm/api/ Frame F02F 		0
0
ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F02F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
date
Mon, 14 Aug 2023 12:50:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame F02F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4086215225291572915
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4086215225291572915
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4086215225291572915
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
htw-pixel.gif
cdn.indexww.com/ht/ Frame F02F 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZNoi9Ggn7zBNSI16aEKdmQAA%263515=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
65706
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f69522fdb6cdafd-MIA
content-length
43
expires
Tue, 15 Aug 2023 12:50:00 GMT
truncated
/ Frame 4EF7 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5cf82e81d6662bba84d2a3c1cacc20a609daba1b097c633ac0b56f0f2793cf0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1CC2 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 1CC2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6125384915149995829&us_privacy=1---
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6125384915149995829&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
an-x-request-uuid
a5052d66-ae7c-493c-9c3c-a373253bd697
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6125384915149995829&us_privacy=1---
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1CC2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABFCk7JtEYAACVAbz7Dsg&expiration=1693227000&us_privacy=1---
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABFCk7JtEYAACVAbz7Dsg&expiration=1693227000&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABFCk7JtEYAACVAbz7Dsg&expiration=1693227000&us_privacy=1---
Date
Mon, 14 Aug 2023 12:50:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
user-registering
ads.stickyadstv.com/ Frame 1CC2 		43 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1692017400296064-294
rum
dsum.casalemedia.com/ Frame 1CC2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index&us_privacy=1---
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=index&bsw_param=2ec00d2e-f53c-465e-92d3-2beaa816ca85
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dindex%26bsw_param%3D2ec00d2e-f53c-465e-92d3-2beaa816ca85
  • https://rtb2-useast.marketiq.com/sync?adkuid=A4227443290020297021&exchange=685&ssp=index&bsw_param=2ec00d2e-f53c-465e-92d3-2beaa816ca85
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A4227443290020297021&expires=5&ssp=index&bsw_param=2ec00d2e-f53c-465e-92d3-2beaa816ca85
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&us_privacy=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 14 Aug 2023 12:50:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 1CC2
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=12ebf5e67218f0c3469d048f22b57088
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=12ebf5e67218f0c3469d048f22b57088
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=12ebf5e67218f0c3469d048f22b57088
date
Mon, 14 Aug 2023 12:50:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
content-type
text/plain; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 1CC2
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4F94844F4CC4401AB7330777BA793A74&us_privacy=1---
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4F94844F4CC4401AB7330777BA793A74&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Mon, 14 Aug 2023 12:50:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4F94844F4CC4401AB7330777BA793A74&us_privacy=1---
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 13 Aug 2023 12:50:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1CC2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4086215225291572915
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4086215225291572915
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4086215225291572915
pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 1CC2 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZNoi9Ggn7zBNSI16aEKdmQAA%263515=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
65706
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f69522fdb6edafd-MIA
content-length
43
expires
Tue, 15 Aug 2023 12:50:00 GMT
usync.html
eus.rubiconproject.com/ Frame DFF7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:50:00 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 14 Aug 2023 12:50:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BEEC
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1692017399356.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26pre...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D25%26external_user_...
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34066
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 14 Aug 2023 12:50:00 GMT
expires
Mon, 14 Aug 2023 22:17:46 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 14 Aug 2023 12:49:59 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP016
x-33x-status
40000000008200000A
setuid
prebid-server.rubiconproject.com/ Frame 1A41
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1692017399356.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=212236466587534
0
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=212236466587534
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
referrer-policy
unsafe-url
server
33XP019
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=212236466587534
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 1A41
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2ec00d2e-f53c-465e-92d3-2beaa816ca85&ssp=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596758823292913325&ssp=the33across&gdpr=&gdpr_consent=
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=2ec00d2e-f53c-465e-92d3-2beaa816ca85
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85&ts=1692017402&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85&ts=1692017402&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:04 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85&ts=1692017402&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 1A41
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-CQQtBoBE2uEV41gJSg4n7Pr2YYMqeIDw~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-CQQtBoBE2uEV41gJSg4n7Pr2YYMqeIDw%7EA&ts=1692017400&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-CQQtBoBE2uEV41gJSg4n7Pr2YYMqeIDw%7EA&ts=1692017400&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-CQQtBoBE2uEV41gJSg4n7Pr2YYMqeIDw%7EA&ts=1692017400&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 1A41
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1---
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=7c5a931b7d09103b&is_secure=true&networkId=78390&version=1&us_privacy=1---
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMgybzHMEkMwNzJgqMAAAAAAA&expiration=1692103800&is_secure=true&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMgybzHMEkMwNzJgqMAAAAAAA&ts=1692017400&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMgybzHMEkMwNzJgqMAAAAAAA&ts=1692017400&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:01 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMgybzHMEkMwNzJgqMAAAAAAA&ts=1692017400&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 1A41
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=689661242672352996219
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=689661242672352996219&ts=1692017400&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=689661242672352996219&ts=1692017400&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:49:59 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=689661242672352996219&ts=1692017400&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ping.gif
ping-meta-prd.jwpltx.com/v1/jwplayer6/ 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping-meta-prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-719490349&e=xapi&n=7146181084716965&aid=wExvYnLyEeyygEIIgluVXw&emi=1bm2gucf42io&id=ScrNykYo&pli=11ybb8kg0o77&pv=8.27.1&tv=3.43.0&ed=6&prs=buffer&pid=SPdDOYds&ph=1&sdk=0&xam=getVisualQuality&sa=1692017400030
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760020-MIA
date
Mon, 14 Aug 2023 12:50:00 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
hash.gif
pix.cdnwidget.com/
Redirect Chain
  • https://pix.cdnwidget.com/redirect?CID=2TyZhHp4GYUuwOWfeL39OANSHAn&DID=2TyZhINDIDmhyTKWZ3SFLYGq6d5&v=&iv=&deviceid=3597984204655002310&visitid=1692017398043911&wsid=2045&apikey=2^HIykD
  • https://pippio.com/api/sync?pid=5749
  • https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
68 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
34.149.254.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.254.149.34.bc.googleusercontent.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

date
Mon, 14 Aug 2023 12:50:00 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
graph
idr.cdnwidget.com/ 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idr.cdnwidget.com/graph?cookieID=2TyZhHp4GYUuwOWfeL39OANSHAn&deviceID=2TyZhINDIDmhyTKWZ3SFLYGq6d5&bxdid=3597984204655002310&bxvid=1692017398043911&bxwid=2045&gm=false&apikey=2^HIykD&loadID=aiKhvVBH3hpsj0x
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:50:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
id_sync
events.bouncex.net/track.gif/ 		42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/id_sync?id_sync:id_type=sid&id_sync:id_source=graph&soft_id=2TyZhINDIDmhyTKWZ3SFLYGq6d5&source=web&agent=cjs&deviceid=3597984204655002310&visitid=1692017398043911&websiteid=2045&pageviewid=undefined&sequenceid=undefined
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame D688
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 14 Aug 2023 12:50:01 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad349.dc4p.scaleout.jp
X-SO-IP
38.132.118.69
X-SO-Key
ZNoi9cCo8X8AAGiFsigAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.69","key":"ZNoi9cCo8X8AAGiFsigAAAAA","privacy_sensitive":false,"uid":"ZNoi9cCo8X8AAGiFsigAAAAA","upstream_id":"m-ad349"}
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-UID
ZNoi9cCo8X8AAGiFsigAAAAA
X-SO-Upstream-ID
m-ad349
gumgum
cs.admanmedia.com/sync/ Frame A31C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 14 Aug 2023 12:50:02 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usermatchredir
ssum-sec.casalemedia.com/ Frame AE0E 		43 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:00 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 164C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:50:00 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 14 Aug 2023 12:50:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame A9F5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:50:00 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 14 Aug 2023 12:50:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 7AE7 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5adb88524e24e50&us_privacy=1---
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
29f836b1c2dd7f7b
ads.us.e-planning.net/uspd/1/ Frame 08FC
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
  • https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
66c8a7fd77862e3549f38f33023f6fe2dbded3d717a5cdec8348d616067d14d3

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 14 Aug 2023 12:50:00 GMT
expires
Mon, 14 Aug 2023 12:50:00 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1222

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Mon, 14 Aug 2023 12:50:00 GMT
location
/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1222
152media
sync.quantumdex.io/usersync/ Frame 8ED7 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/152media
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3298446559e3092533afc8e7739ead20d365cf51c846d1b833781643d4150231

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f69522f49dc9abf-MIA
content-encoding
gzip
content-type
text/html
date
Mon, 14 Aug 2023 12:50:00 GMT
server
cloudflare
/
onetag-sys.com/usync/ Frame A593 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 3CDC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:50:00 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 14 Aug 2023 12:50:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
log
hblg.media.net/ 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=sre_events&itype=RTD&abte=CONTROL&adt=desktop&cid=8CU3I8M1G&ct=MIAMI&cc=US&ugd=4&pht=7369&pid=&dn=nypost.com&servname=ssp-serving-6446fbb9-5m4rf&svr=1010_326&sc=FL&version=4&vh=1200&vw=1600&vsid=&vid=00001692017393434006462152372511&requrl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&kwrf=&winner=None&isEmpty=true&size=&dfpAdPath=%2F5850%2Fpost.desktop%2Fcustom%2Fnews%2Fstories&dfpDiv=div-gpt-ad-custom&slotType=DFP&supcrid=&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=0&winner=None&isEmpty=true&size=&dfpAdPath=%2F5850%2Fpost.desktop%2Fskin%2Fnews%2Fstories&dfpDiv=div-gpt-ad-skin&slotType=DFP&supcrid=&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=0&winner=None&isEmpty=true&size=&dfpAdPath=%2F5850%2Fpost.desktop%2Foverlay_fullpage%2Fnews%2Fstories&dfpDiv=div-gpt-ad-overlay_fullpage&slotType=DFP&supcrid=&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=0&winner=DFP&isEmpty=false&size=970x250&dfpAdPath=%2F5850%2Fpost.desktop%2Fbillb_atf%2Fnews%2Fstories&dfpDiv=div-gpt-ad-billb_atf&slotType=Prebid&supcrid=div-gpt-ad-billb_atf&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=2707512692&winner=DFP&isEmpty=false&size=1x7&dfpAdPath=%2F5850%2Fpost.desktop%2Finline%2Fnews%2Fstories&dfpDiv=div-gpt-ad-inline&slotType=DFP&supcrid=&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=3124739515&winner=DFP&isEmpty=false&size=1x6&dfpAdPath=%2F5850%2Fpost.desktop%2Fnative%2Fnews%2Fstories&dfpDiv=div-gpt-ad-native&slotType=DFP&supcrid=&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=2709739563
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 14 Aug 2023 12:50:00 GMT
truncated
/ Frame 067A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bccd94e403bfccf0a57a4cb856e41e48b7cc082c5a1e8f926ead341f4f673971

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 10FF 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84NjY3NWEyZS0xZmEzLTRkNGEtOGRmMy03Nzc0ZjJmYzA2OTc=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:50:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F743 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34066
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 14 Aug 2023 12:50:00 GMT
expires
Mon, 14 Aug 2023 22:17:46 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 1A39 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
log
c21lg-d.media.net/ Frame B810 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=66812f63-ea26-4d5a-9223-f453693c845e&cs=15&vsid=3350189961523764000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 14 Aug 2023 12:50:00 GMT
content-length
35
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 067A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEFSAcJJlhPXszqWUENmBWpZokDUvfr5YxXyC5EFVIKg2llvb4WzhsP0feIEMqWBDqJsGlnHfycyhaXMWgi2ESiM_jDYTaySrAb1w-5zM2Xl34JspORY8i3T7ybdr5tuSJY8uyJj6KPCD0iHll7BxjjFXwpSfJXhMUTYQq0cXvK5o3eguPk8_092RS-W3ASaePwTuras39Kmyb8qm6y89zASQQfWvt1l51AWeLjbm9bdifUSStgVwFPdpOzy4FArCqiAPihcRTH1N9kgNeUM22zkqgog-o1IZ_of-0bX4xyp5ox0C8k8bKKMCtVLyZeMwb10DYHF5lfunq1mfWcjouomM&sai=AMfl-YS6y_8HpK46Ecfiil6igMFRiGErC7q7XOxD9OVgnmk16Dqp8hS3ukx2-tnnc2eAHVCD922gcYGliaXuxA7sx7mHLy-rAUxFd0Eva2ZL9Gqb9L45rjhpJQdm2VfDmIl7GbdvqZ1_2y2m0SJ3di2Y1A&sig=Cg0ArKJSzEELVjiXfYyGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 14 Aug 2023 12:50:00 GMT
vendors-node_modules_babel_runtime_regenerator_index_js-node_modules_spotim_ui-components_dis-cb2aa4.js
static-cdn.spot.im/production/reactions/tags/v4.3.1/ 		154 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.3.1/vendors-node_modules_babel_runtime_regenerator_index_js-node_modules_spotim_ui-components_dis-cb2aa4.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ddfdbe820acf73e9b01c2a6f912ecd7de131d9e9e82efd748d61b2b84beab42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
.pzHsJ9OMsPfSNHH4MrkrgNU33TOIwiS
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 07:42:35 GMT
last-modified
Thu, 29 Dec 2022 10:32:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
18446
x-amz-server-side-encryption
AES256
etag
W/"71ba81daf748daa9747095c40fc4427a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
JFhbZAS0ln_MgSH9qGOmE41G5DckAJJccrmNu7c-P_QM3CmexUxghw==
src_components_App_App_tsx-src_i18n_ts-src_state_store_ts-src_utils_getConfig_ts-src_utils_sc-9878f5.js
static-cdn.spot.im/production/reactions/tags/v4.3.1/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.3.1/src_components_App_App_tsx-src_i18n_ts-src_state_store_ts-src_utils_getConfig_ts-src_utils_sc-9878f5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f56473141577d2b87c23d340192177edda4e2e5860257152f9814e143d5d82d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
wUUyEaMof8Hj5skS21VLUC_bOYUf.XXw
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 08:43:37 GMT
last-modified
Thu, 29 Dec 2022 10:32:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
14784
x-amz-server-side-encryption
AES256
etag
W/"c5a7b5f86eb37e099a7abe0380cdd3ec"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
ke2dMsvSonMIuxhBOiXopfzgeO8oKuSTt84GVPBwkw0Yt5wEqM8bPw==
src_boot-next_tsx.js
static-cdn.spot.im/production/reactions/tags/v4.3.1/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.3.1/src_boot-next_tsx.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66499ddf1a34f67f53c5a31abc9e866f7c54a64a8cda4199a9d6bd1f2b1df51d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
.wG7ZEpgiljIHjQGQV4pelYWDYTZIzgw
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 08:04:36 GMT
last-modified
Thu, 29 Dec 2022 10:32:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
17125
x-amz-server-side-encryption
AES256
etag
W/"57882e2cb0d213687f49299dda3fdc64"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
L5eHFUbgHWHahcl6IeDmTc0U69M7F_UAKSUNECw7u7sYlDcllElFzw==
styles.css
static-cdn.spot.im/production/reactions/tags/v4.3.1/ 		114 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.3.1/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aaa022ea6fbc4948712d50850b2f4038de3a68541d87dccd5d1d8abe5ac622df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
9PELpIWb_NEsxrKLCvR15OertVG3tecs
content-encoding
br
via
1.1 da8cb5b9fb94d7de03d8eaa20297debc.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 08:06:48 GMT
x-amz-cf-pop
JFK52-P1
age
16993
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Dec 2022 10:32:12 GMT
server
AmazonS3
etag
W/"546f3b0a9bef119f767d0396fe6572d3"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
pZ1hKvR7Nx8IzK-vGXfsxPKzTx6abf61mrZW1-qdf7278vH-aKtwmw==
styles-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.82.22/ 		37 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.82.22/styles-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7fc2ee49fb8128a69c38428e8c5609d9e51a83fbbdf782544d0f975b6a61d04

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 12:47:04 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
pUjNdail78zb_PxYS7PhUU0WsTpcysGK
x-amz-cf-pop
JFK52-P1
age
1900977
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
5626
last-modified
Wed, 19 Jul 2023 05:05:15 GMT
server
AmazonS3
etag
"cdad61b223e4021a525e6d3b91ca1c81"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
lyMWg213gUIkVhFCXYbmfsGZ-5wSywHxo2Cl-5-QZ3DKN72CleZm8g==
vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-d5f4c0-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.82.22/ 		373 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.82.22/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-d5f4c0-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c09b27f858e9254397451abbff3927acb9f6fc9745bcf3f56b7ab1c82cfb4a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 12:47:04 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
rOJ3hC6_Pj08_x2psnrLZUmclVeekc68
x-amz-cf-pop
JFK52-P1
age
1900977
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
97227
last-modified
Wed, 19 Jul 2023 05:05:16 GMT
server
AmazonS3
etag
"207a6cec3ac701427533117fef662d46"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OzfU73OtiKDQBja57fpew0sC-mIycVrLALarLZQreA_RSJ_JAljMBg==
app_conversation_components_Main_tsx-app_conversation_services_legacy_helpers_browser-detect_ts-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.82.22/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.82.22/app_conversation_components_Main_tsx-app_conversation_services_legacy_helpers_browser-detect_ts-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c2767d370df3c0aa9bd8e5374930008ce2b65b44c88734dec1d4355de1afc8b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 12:47:04 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
3b1mcsRo0u4yUzAYCS3YHZ_j_gP7sjxO
x-amz-cf-pop
JFK52-P1
age
1900977
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
37701
last-modified
Wed, 19 Jul 2023 05:05:15 GMT
server
AmazonS3
etag
"bbe0d9c743a51ac11d2fb02866aee212"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
G4sRW5ofjHstpDQNKN1g04reGCfegTrjtmL2Qck7AE1P2G4NqTFd7A==
app_conversation_i18n_ts-app_conversation_initialize-store_ts-app_conversation_services_legac-f5b848-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.82.22/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.82.22/app_conversation_i18n_ts-app_conversation_initialize-store_ts-app_conversation_services_legac-f5b848-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff992f86e73074f88c82d1efc285ec8d1c3189925541f23d94b6cb5420d63e5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 12:47:04 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
pnZKAPNeFa.bOyLWxnzRt7AFVkCXGeCB
x-amz-cf-pop
JFK52-P1
age
1900977
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
11629
last-modified
Wed, 19 Jul 2023 05:05:15 GMT
server
AmazonS3
etag
"a5156fb0594750458d4df621594ca8bd"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Lmizo2Xl2xeu26H0SFcDIKRC25kJ93zRb2FK3SfI-W3nsOtKYetZGA==
conversation-boot-next-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.82.22/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.82.22/conversation-boot-next-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98d8c1199a6b9cc2704321101b789ac19ff203961d9ff1668ee04d4d9224d9c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 12:47:04 GMT
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-version-id
OZbUTZN0No_3L0TWFrW84MikfpGcZJVF
x-amz-cf-pop
JFK52-P1
age
1900977
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3175
last-modified
Wed, 19 Jul 2023 05:05:15 GMT
server
AmazonS3
etag
"cc08ae41786766b182331369f9be0d27"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
4jo3shW5lvwBGWzeD1SOKSapnh8orFNtouam7Zx6opSncXnKZQU1rg==
styles.css
static-cdn.spot.im/production/conversation/tags/v3.82.22/ 		663 KB
38 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.82.22/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b993a0e8f3f053b76d6b10a7ff52f78d56a68242e27cde6737af3bea128e1749

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 12:47:04 GMT
content-encoding
br
via
1.1 da8cb5b9fb94d7de03d8eaa20297debc.cloudfront.net (CloudFront)
x-amz-version-id
jOk8stW58mDdQ9PrL9nUgjPFvhucbCNb
x-amz-cf-pop
JFK52-P1
age
1900977
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
38771
last-modified
Wed, 19 Jul 2023 05:05:15 GMT
server
AmazonS3
etag
"d8a5afe530dbc26709a7e38b75f22917"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
O0w7NubkX_P0JDBZ8MB7Qex1pzaOh7hVFI0lpD5oZIKOUnrx1vtGaQ==
ping.gif
ping-meta-prd.jwpltx.com/v1/jwplayer6/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping-meta-prd.jwpltx.com/v1/jwplayer6/ping.gif?h=569954540&e=xapi&n=5488034942431517&aid=wExvYnLyEeyygEIIgluVXw&emi=1bm2gucf42io&id=ScrNykYo&pli=11ybb8kg0o77&pv=8.27.1&tv=3.43.0&ed=6&prs=buffer&pid=SPdDOYds&ph=1&sdk=0&xam=getDuration&sa=1692017400392
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760020-MIA
date
Mon, 14 Aug 2023 12:50:00 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
manifest-audio_eng=112056-video_eng=222542-1.ts
videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/ 		171 KB
171 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/manifest-audio_eng=112056-video_eng=222542-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
666ef5ee78173e66f48d3006d04013d5407d85d54bdb1c7793b4772d2318d339

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 14:08:25 GMT
via
1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:00Z lookahead=2
x-amz-cf-pop
JFK50-P6
age
81695
x-cache
Hit from cloudfront
content-length
174840
server
Apache
etag
"usp-D6FF47FC"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112056-video_eng=222542-2.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
_6Za70dutNfUL3MosLCIsBN7zMts46PbUeenZufxSdypv6-6tEFcaQ==
usync.js
eus.rubiconproject.com/ Frame DFF7 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79174ee77b6396cce4fcb7cb25caa2eef27936e6d5dc920a88ea4dfe47e179cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Aug 2023 09:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75187
Connection
keep-alive
Content-Length
10116
Expires
Tue, 15 Aug 2023 09:43:07 GMT
async_usersync
ib.adnxs.com/ Frame 3729 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
an-x-request-uuid
95ce2656-c1d2-4712-966a-25e508a4c08c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame E226
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=8978801468337922557
0
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=8978801468337922557
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=e27f856b-b396-4c82-98f1-d0573477e720&publisherId=OZONENYP0001&siteId=1500000033&cb=1692017396666&bidder=ozone
Protocol
H2
Server
104.18.6.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7f695237d9678daf-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=8978801468337922557
date
Mon, 14 Aug 2023 12:50:00 GMT
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 01F1 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame E96A 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:00 GMT
an-x-request-uuid
a53b164e-f6a8-4b65-aa9b-62eda47a5e86
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 164C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79174ee77b6396cce4fcb7cb25caa2eef27936e6d5dc920a88ea4dfe47e179cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Aug 2023 09:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75187
Connection
keep-alive
Content-Length
10116
Expires
Tue, 15 Aug 2023 09:43:07 GMT
setuid
sync.quantumdex.io/ Frame 8ED7
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HJkhbLZHRtsgZLtNTqiinddP
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HJkhbLZHRtsgZLtNTqiinddP
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f695239bd7a9abf-MIA
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 14 Aug 2023 12:50:00 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HJkhbLZHRtsgZLtNTqiinddP
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 8ED7
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=04899144-0d37-53e2-8a09-f160eed3d398
43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=04899144-0d37-53e2-8a09-f160eed3d398
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f6952390c7d9abf-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=04899144-0d37-53e2-8a09-f160eed3d398
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
s.ad.smaato.net/c/ Frame 8ED7
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://us-u.openx.net/w/1.0/cm?id=a9dcab4e-14df-43e4-a5aa-817bd9887939&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001758%26gdpr%3D0%26gdpr_consent%3D%26dspCookie%3D
  • https://s.ad.smaato.net/c/?dspId=1001758&gdpr=0&gdpr_consent=&dspCookie=b5596773-acaf-4032-8f52-9596075f9aeb
0
0
setuid
sync.quantumdex.io/ Frame 8ED7
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-232b251a-73f7-38d2-b385-866b557f8a46
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-232b251a-73f7-38d2-b385-866b557f8a46
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f695244792b9abf-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-232b251a-73f7-38d2-b385-866b557f8a46
pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
cache-control
no-store
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame 8ED7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6125384915149995829
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6125384915149995829
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f69524479329abf-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
an-x-request-uuid
071a5029-c192-4dcd-a4a4-9268dccf1afb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6125384915149995829
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 8ED7
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f695244792f9abf-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481
date
Mon, 14 Aug 2023 12:50:01 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 8ED7
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-632bhOSjupo1vdRoNINUp-sxGbreZvcK_wvnbh0_cg
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-632bhOSjupo1vdRoNINUp-sxGbreZvcK_wvnbh0_cg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f695244fa1b9abf-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-632bhOSjupo1vdRoNINUp-sxGbreZvcK_wvnbh0_cg
date
Mon, 14 Aug 2023 12:50:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
csync
sync.adtelligent.com/ Frame 8ED7 		43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307682&extuid=3cd234c8-f0a6-446a-8454-6292074b6aa0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:01 GMT
Server
Adtelligent
Etag
3bb610820602cfe1
Content-Length
43
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 01F1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49373216&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
273f270699eaa38035b1e5a38f4ad3cdd643d77a57b9d2f65aa959b30d5e75f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 14 Aug 2023 12:50:00 GMT
content-length
1633
content-type
text/html; charset=UTF-8
um
u-iad04.e-planning.net/ Frame 08FC
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D9e327913d98873c4
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&partner_url=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3Dd6b17afb-b9...
  • https://u-iad04.e-planning.net/um?uid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&dc=0abbcb4eba840e59&fi=9e327913d98873c4
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&dc=0abbcb4eba840e59&fi=9e327913d98873c4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 14 Aug 2023 12:50:04 GMT
content-type
image/gif

Redirect headers

date
Mon, 14 Aug 2023 12:50:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://u-iad04.e-planning.net/um?uid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&dc=0abbcb4eba840e59&fi=9e327913d98873c4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
u-iad04.e-planning.net/ Frame 08FC
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3D9e327913d98873c4
  • https://u-iad04.e-planning.net/um?uid=5TsF0pv5gg6c&dc=66b7ef4184d94c10&fi=9e327913d98873c4&ev=1&us_privacy=${us_privacy}&pid=562965
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=5TsF0pv5gg6c&dc=66b7ef4184d94c10&fi=9e327913d98873c4&ev=1&us_privacy=${us_privacy}&pid=562965
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 14 Aug 2023 12:50:01 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://u-iad04.e-planning.net/um?uid=5TsF0pv5gg6c&dc=66b7ef4184d94c10&fi=9e327913d98873c4&ev=1&us_privacy=${us_privacy}&pid=562965
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f79b8d6bf-rnvd6
expires
-1
um
u-iad04.e-planning.net/ Frame 08FC
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D9e327913d98873c4%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=9937b3fd6e9a979a&fi=9e327913d98873c4&uid=ca97df06-6c9e-4029-8a33-8a416c993787
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=9937b3fd6e9a979a&fi=9e327913d98873c4&uid=ca97df06-6c9e-4029-8a33-8a416c993787
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 14 Aug 2023 12:50:03 GMT
content-type
image/gif

Redirect headers

Location
https://u-iad04.e-planning.net/um?dc=9937b3fd6e9a979a&fi=9e327913d98873c4&uid=ca97df06-6c9e-4029-8a33-8a416c993787
Date
Mon, 14 Aug 2023 12:50:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 08FC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.241 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:01 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 12 Aug 2028 12:50:01 GMT
um
u-iad04.e-planning.net/ Frame 08FC
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D9e327913d98873c4%26uid%3D%24%7BUID%7D
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=9e327913d98873c4&uid=9595f591-1166-416d-8ca9-5f043d65e208
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=9e327913d98873c4&uid=9595f591-1166-416d-8ca9-5f043d65e208
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 14 Aug 2023 12:50:03 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=9e327913d98873c4&uid=9595f591-1166-416d-8ca9-5f043d65e208
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 08FC 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.241 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:01 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 12 Aug 2028 12:50:01 GMT
um
u-iad04.e-planning.net/ Frame 08FC
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D9e327913d98873c4%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=3ca7e329a6212338&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi...
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=9e327913d98873c4&uid=AAAMuSdE6J2fxgMJd9xkAAAAAAA&expiration=1692103803
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=9e327913d98873c4&uid=AAAMuSdE6J2fxgMJd9xkAAAAAAA&expiration=1692103803
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 14 Aug 2023 12:50:04 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:03 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=9e327913d98873c4&uid=AAAMuSdE6J2fxgMJd9xkAAAAAAA&expiration=1692103803
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame 08FC
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D9e327913d98873c4
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F&rd=1
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
  • https://sync.smartadserver.com/getuid?url=https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/&cklb=1
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=8978801468337922557
0
0
um
u-iad04.e-planning.net/ Frame 08FC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D9e327913d98873c4%26uid%3D%24UID
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=9e327913d98873c4&uid=6125384915149995829
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=9e327913d98873c4&uid=6125384915149995829
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 14 Aug 2023 12:50:03 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
an-x-request-uuid
bcfb28ab-cbe3-4cf1-b6b6-dc5297f31bd1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=9e327913d98873c4&uid=6125384915149995829
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-iad04.e-planning.net/ Frame 08FC
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D9e327913d98873c4%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=9e327913d98873c4&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=9e327913d98873c4&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 14 Aug 2023 12:50:03 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-82
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=9e327913d98873c4&uid=273e4370-6533-4b38-9af5-edc3c5d51bd0
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-iad04.e-planning.net/ Frame 08FC
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D9e327913d98873c4%26uid%3D%24UID&partner=eplanning
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=9e327913d98873c4&uid=ua-232b251a-73f7-38d2-b385-866b557f8a46
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=9e327913d98873c4&uid=ua-232b251a-73f7-38d2-b385-866b557f8a46
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 14 Aug 2023 12:50:03 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=9e327913d98873c4&uid=ua-232b251a-73f7-38d2-b385-866b557f8a46
pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
cache-control
no-store
content-length
0
expires
0
um
sync.e-planning.net/ Frame 08FC
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
  • https://sync.e-planning.net/um?uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&dc=769fefa8321c94fb&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&dc=769fefa8321c94fb&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 14 Aug 2023 12:50:03 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&dc=769fefa8321c94fb&iss=1
date
Mon, 14 Aug 2023 12:50:01 GMT
content-length
0
um
u-iad04.e-planning.net/ Frame 08FC
Redirect Chain
  • https://cs.krushmedia.com/ec2cf90fdaaf74e7d94341d9392b3202.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Df343cd610dc2b771%26fi%3D9e327913d98873c4%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=f343cd610dc2b771&fi=9e327913d98873c4&uid=e619a086-6237-43e7-a4c9-07e5deaedcb9
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=f343cd610dc2b771&fi=9e327913d98873c4&uid=e619a086-6237-43e7-a4c9-07e5deaedcb9
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 14 Aug 2023 12:50:03 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:01 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?dc=f343cd610dc2b771&fi=9e327913d98873c4&uid=e619a086-6237-43e7-a4c9-07e5deaedcb9
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
um
u-iad04.e-planning.net/ Frame 08FC
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=9e327913d98873c4
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=9e327913d98873c4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=9e327913d98873c4
date
Mon, 14 Aug 2023 12:50:02 GMT
server
fasthttp
content-length
0
usync.js
eus.rubiconproject.com/ Frame A9F5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79174ee77b6396cce4fcb7cb25caa2eef27936e6d5dc920a88ea4dfe47e179cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Aug 2023 09:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75187
Connection
keep-alive
Content-Length
10116
Expires
Tue, 15 Aug 2023 09:43:07 GMT
usync.js
eus.rubiconproject.com/ Frame 3CDC 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79174ee77b6396cce4fcb7cb25caa2eef27936e6d5dc920a88ea4dfe47e179cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Aug 2023 09:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75187
Connection
keep-alive
Content-Length
10116
Expires
Tue, 15 Aug 2023 09:43:07 GMT
auction
tlx.3lift.com/web/ Frame 7FD6 		49 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/web/auction?inv_code=NYPost_Sidebar_native_header&referrer=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&rev=bbfe464&fe=0&ft=1&cb=4146567284
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.84.197.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-197-253.compute-1.amazonaws.com
Software
/
Resource Hash
ac4a42477700e88184ef3ce714317abc76a40dd857d518e108a676dbe80300b8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
content-type
application/javascript; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
content-length
49
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame EFF5 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e93c41730f20fd857747def9273d960ec3e39cb2a711d805e59111af7d13b733

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1529
Content-Type
text/html
Date
Mon, 14 Aug 2023 12:50:01 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
log
c21lg-d.media.net/ Frame B810 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=n8eA2U0eoMngGxj7BLGV9mL4XzbmfNbR&cs=15&vsid=3350189961523764000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C294%2C251%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 14 Aug 2023 12:50:01 GMT
content-length
35
content-type
image/gif
vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.21.1/ 		268 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.21.1/vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cd17af00b58e83bcf70fa97448e21bc6def92af0c00dfa7349aeb3200c40b8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
UbnPTV0wPFMvbnR1dp.RoEnH2TU1jhsc
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 06:56:52 GMT
last-modified
Wed, 19 Jul 2023 05:10:34 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
21189
x-amz-server-side-encryption
AES256
etag
W/"65b6fded5f4ad8a82780bdb8f6a581a9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
8YcdqH2nQNO1NuxrR_uPezH8LfoNMTVONEIiqHm4AqL9_6vewrwXvA==
src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-c938d2-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.21.1/ 		66 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.21.1/src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-c938d2-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95bd5b5dee2a2c169bd5cb212bd61511ca275fedd9f69b722ccdb8262e24d0e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
u3xrZMYOGHG9DWXxtvCM34Tixod8gT3z
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 07:12:21 GMT
last-modified
Wed, 19 Jul 2023 05:10:34 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
20261
x-amz-server-side-encryption
AES256
etag
W/"9ce63849dce3f0ee23726076e67b3665"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
N-zCaNyuBetTutc8zkkZho84Iy-_1farQ8SZSxsMQj-QPFzvSxVoJg==
src_next_features_BootStickyNotifications_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.21.1/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.21.1/src_next_features_BootStickyNotifications_index_tsx-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
925ff22e8102a4cf1e8da410b3ebb080113af14ffe3696fa30759c739ea7c34b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
CPa4QOpzqTLLkxFbFbiiMt72XeNLnrwh
content-encoding
br
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 08:29:41 GMT
last-modified
Wed, 19 Jul 2023 05:10:34 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
15625
x-amz-server-side-encryption
AES256
etag
W/"af1e8b7faec6a4cf03e589f835257087"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
C5b3iOpeuteb4YDws2Sjju3Kcm-2E8AexGU31eeUsAZUakZB2oHA-g==
styles.css
static-cdn.spot.im/production/notifications/tags/v1.21.1/ 		236 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.21.1/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.66 , United States, ASN (),
Reverse DNS
server-18-173-219-66.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aebfbd73cbd1afd26ec17543eac2676adec9ac54d8c4829b866fccbfe08644f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
hc.B.IblVf1KV21XPZf4XUTkfoNV9omU
content-encoding
br
via
1.1 da8cb5b9fb94d7de03d8eaa20297debc.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 10:15:24 GMT
x-amz-cf-pop
JFK52-P1
age
9278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 19 Jul 2023 05:10:34 GMT
server
AmazonS3
etag
W/"bf74349e97c40cbfe8f34f91c415ca12"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
wBGV0E2iAUcA5SU1u5FFXonDMMh4tlYtikm4V5N-56Ri9ll-bxHgIg==
activeview
pagead2.googlesyndication.com/pcs/ Frame 067A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRAKgicqClN3jNtUooPOoMy0QA0XnBP4btiNlJ3YsUH4lDJgIVwAVJcw7Oc7yHDuttUr1sw232bZe49QPckQwpXOGfE1lip3CJ-CVdZCSP7SXcEZHu&sig=Cg0ArKJSzDnT40BouVAQEAE&id=lidar2&mcvt=1246&p=556,0,563,1&mtos=1246,1246,1246,1246,1246&tos=1246,0,0,0,0&v=20230809&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2584993449&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692017399051&rpt=1298&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame CF6D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:50:01 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 14 Aug 2023 12:50:01 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 31AA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LLAVGYIH-G-GET7
  • https://ads.servenobid.com/sync?pid=323&uid=LLAVGYIH-G-GET7
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LLAVGYIH-G-GET7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LLAVGYIH-G-GET7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame A8B5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16757692&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
393f3e4e25a29357699d565a3c7e2c9b1f12444a9fe8e0515658c5fb67b5b8d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 12:50:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
events
api.permutive.com/v2.0/batch/ 		201 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f8bc24d4390c8efd649eed177cfd405db39e5d790e17a73c4b3e995ea0a40dcc

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:50:02 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 32A4 		420 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:cc00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d681e7b8bf69feb54dac29be9c220ba245295feacde9814666573be9a699327

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:32:57 GMT
x-amz-version-id
vyAbbW1m0_KpEepyNEQMpIzowutTMjGr
content-encoding
br
last-modified
Mon, 14 Aug 2023 11:56:50 GMT
server
AmazonS3
via
1.1 d98647edce17345f3d148190339e9d8c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"8fa0717e4dc1174cbcea5b63c019cce2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1026
x-amz-cf-id
SsDHz0b9wgYk06LY6BdnNWbkiSqRSaf0AA30OvsQDBb702oA-DJ3Dw==
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 4655 		420 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:cc00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d681e7b8bf69feb54dac29be9c220ba245295feacde9814666573be9a699327

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:32:57 GMT
x-amz-version-id
vyAbbW1m0_KpEepyNEQMpIzowutTMjGr
content-encoding
br
last-modified
Mon, 14 Aug 2023 11:56:50 GMT
server
AmazonS3
via
1.1 d98647edce17345f3d148190339e9d8c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"8fa0717e4dc1174cbcea5b63c019cce2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1026
x-amz-cf-id
aWJKzMe5ekTIbXOw_eBH0LtDZuRBIJ3ARPEErOUM2DhY-lKSLyraFQ==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8075 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNXfJ__NwFlAFnSoFuHaJ9OOrMPyg0BMbuXdRAQhk2d8fk9lLZwwUkaLmv_YY3obT3yM-IqeoVnEwsnQxOLgb0eritgP8Q
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:50:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
player.js
player.aniview.com/script/6.1/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1402:b800:78d::2c79 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3584ea9df907fa30b588127fd09db4b8f309a68dc181c4357a62830dff8943d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:02 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduqhVdLzFTo0UDXKe5p8GOTsQ-fq8G0kBSOIp-aNNzsZXJzhJUiNuFfEJr9KVZmYtUuENnyt9c3aOPf8O-aKl0Fyg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
13567
last-modified
Thu, 10 Aug 2023 14:53:46 GMT
server
UploadServer
etag
"15646370e3dcd407cd5c4d9161d821b5"
vary
Accept-Encoding
x-goog-generation
1691679226313793
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Ep3yPA==, md5=FWRjcOPc1AfNXE2RYdghtQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
13567
accept-ranges
bytes
expires
Mon, 14 Aug 2023 13:00:02 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=6052025c979e457a0861de0a&e=playerLoaded&cb=1692017402327&r=https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.193.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-193-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=634e65320022fb473b34ce15&e=playerLoaded&cb=1692017402339&r=https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.193.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-193-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7B88 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0YtbrPzQEwAQ&v=APEucNXZTA4iTRxY2xwKcS8BgvJj-jYMQF4K8Ui-o40dEJ899l76Bsf7jZSKxWHgH5Eh4yhSSDUhwA6vxclZqNydL90kUbJWkw
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:50:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame C2DE 		482 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNX_4qPsaqD6xjgLd9L33a5ECzXCAJ14IKt-s-21nKNH-Hm-LIs9VuGTglVKBKJPRkV3JETzJ33F_vQQqxPwKAmbW8Iqew
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:50:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A17B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5323871958048&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A17B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5323871958048&version=m202307240101&ct=76&x=1&cor=324828734998716200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A17B 		77 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYLm7i9K95qyXFZa4qlOB0b4duEwqOG0v7diJXd6gMRSZqd7rdN6PPlSrX-FNUl_G0QhTas0jFRoSChQ0M8hVLB0NTSg&cry=1&dbm_d=AKAmf-BUMxBa3FOmL1eppszbAG2Kd067pN8cNv_SX1sAeacxwMXtMRWoj7qtRxZWwBGy3l5_fBH8oY9BuEgh2XdU-V4WAZG5f47nAfGHdFET3jcQZbStMcwkEekoi2o3Q1L-VSyTI9cQCTEjx064Cvp5WYu8BQulcE3LVIO2VdWUsJXB5Cs2k1XYVlEf2bAlRFJhBi71CdjHJOg6dqFmfR-FqUSsqetfJ_Lj6RG1Zd67WVm73WX0flYnmIwViqklKQHN7N4ebvDYh29eeR6aUJvJb33WL7TP5quBJkrVvj7-BRFq5qY4ObPCrxvAXqKDpNmzBNeZ08r_f09a3VFb0TcvnyVQ8d1V8CPtqZo6QlvoMUpmlKnwSqcH0agGWc42TJAZsydCZvlXZYIeT0wAZGq4wxJy4rJ-eH_9-vmiHPOEp8MzBpMWULHDZ4d0LF2Il1scFFauK0CG4NzVo59RkUR_tl2aPy_gF81z3hC6rxppPeTrkYGjsoHnHYjtRG0sNnIhch8bQeAhWAkMB0mM1Zn9fMot42kouPU8aePLp_S6HICi-hfMOkv5dlUXNjSUYdxtN0eNwvIY31iVZclQmTtQY8s2OwJJp1IB0_y_woCcM8GbS7GsfbTSrRzp9lUqI_VZXz5hAxCJFe3ruVVgF-Kd4wMV5gVsMZ51BYJEL3EJQekmojex7idDbGtL907Mg_4OHzokbyBfFd4Mseh-UxmjP9Ia9EXHIjV6ATc_kRZf8jeCexv-5AFdOnVs7TtinpVWZCfysDyUwjfJiiMOhmTPO37BqNvtUnufd21-u62q2SNjqEmycHqPoYRc14UkhZyrQX1T5zfUgejkkLxVgR06T-g8HYI2ApbiHQ8Tm7z_fwzLzKmTQ75uxdo8tAtBRPo8AJB-ifcBrWXo4BGQovyz0VPkOmB2uKzhXf4-DHSaT2lznGOFWt2IVcU1rCcvr20IzfZrBG9M6SkvzTJRlsH1X29S_vIMbAjv4YNdlX1LUZ0uF3QFI6JV8UD2EiFr3KrMsdqIu1jU8_6tntFRUmxUoi8LNB3n17OVe8AAMnPpjhBKriIw5Fmmiz5VqmAn_moFHGRgLIdoSq__Apju1gMKleywXjgK6nzAI1zxv6ZbHSS-JSlV94N-eK246LQpESyli4J7iodmUI__SpGz8jpuyY-lBg0uWe4EDKDQOwIKXJcUoquVP317G5XSp0MkDf8fGBAs9BWfctSHCISFCbaGONusEsVb7Cu9bpiJkGYXmxh6EHrN7E4pAvceNNslACqFN88Z7gKMhQg5Q6JHLN7lmtz3RMVZmEpSWxGws7lURJz2QtzytBWzvsPdrll8HX8twzSDe1aIJ2fv4AdxAhURc77i1adKFdsrHrB3FpY95F6wM0JOLQ7RYClkC3NfmU_FvhorbQ6q0OUxSMCGLcqY-HK_uTBKGOls5-doqNdZlnjNG1-UAgI_4rAYInnwnb9GfDkfunjrZV7aJ8KEbB2JZH57gB6tf3XmYqwKtGdwiEDaKNimzMH8Klt6uCNatOhiV39PgrV2vORKPQRd-zp3qap8nQt9o06A0xxoQkBQXw2nufhEoCjcEcU5CFs9VyVcMcPGl-hSA5ejUk75UIJvm7rT-Y-MmHTphGna278NYMCZafETnNHLVU9eeuhOXc95wXcTynC0BHN3ASq67tvsLan7ZwW7vU1IIRSlQLsMdsvK9_T9Jg6s7Wdk6VI8N67MLBZDc8CSNHA8swhz6ZaErVnYO9StfxZ_-PhVRUAH-ptQCmo2HyixFT20qIm83opEle6KqZH1QaxMZb3yNFHFbqiSMO0ogZtvonY5QkifYSzWHATgADzAXTGLMhB0ShaULbmbUvzPR_RyQyl24nlwn7BQ-vMgDzqYhM1rMd_0dX_rB7GF_vPeAZkOCC821sKTxUFtAjZ1FI10h8rd_tUz2ltWBwbTF5b29WkQbvDfb9P4ZNlah35EnmFlrezvoVhZ4z1Q6xpeBxMviT3yF9N5b_DGsyymyajJUrkw7dHEYLcOs59zNnQT5o_2Q4S8A_-Qy7DXuPmkctpNqgrFUtuFmgOxi9rHi2G95R1L_mKFPSSr03DCpRpbMOJqzkj0Xr3etHEcqJYO3ozy4bipVkak4BSpxzCHY7r3bwJH-F15rQGARYjSZWbBDfjwA9LuOEPPKhJUmdzuILzgrDu12LZKClJAfUQjdwerMpFwYhk5DHhgaAaVvlcXdx4EcHBW8e-MHlDqKkPYVnQC1TXG11ivONG6ZjYmmINiNrBhd0hu-YKLESAMmQYxI2Ik9Jufw9bUTSJhTC0R-MKUHtb973zQtB6AT4h2jx8nxX51YOZqv-kjzZGrBzNF4wFjqWTtgWelcD2d2uuDIWvkKmwKym6dMDM2sutyvXew6bvSaWNwfdKQol6Ze0rD7zT_d8gxkPMg1IQTSapC1mPxZ7iiT97a0b23jOTwNowH2UEMpHWIrhsBe4qxXjLv42ToRDcO4DsFKUljYcEedL-MCOUF5qsT2GA6s2SEJhfOyLmM1HmD0ldVjpT1kTpZk36VQzMRYnNE-qnkq3pNYseFBU4g7c-ShJpj2sZxQY_K499z_7ne3m64MWLO4Th9lULpZTT4Nld3oznS2Y_VSlDYHfE7NJTgfrOfOdzRtq200Ye7KczBJsNbAVH58fFslm5sY3MyF_n-h4Ea0PQB4629cLlFTZ5s30bYGZHNXYXmOi7yGxhhIv8jKLx643B_r5AtTx6djdYP6Jebecu0hPrY5XQL0TzumTzFxD0krUuP0DTnbfVaioS9y1hA5WxKQC1oshXikZb2PEU4a4RwDPcU4tNepC_Mx6SV86zXJhwNHzMP4g6uA__FB77s6xO06n88vZttvw90UalCbuk5i-KP0x-BQ-jy_DbmL18y1iohvbCukPQYiOyWzUfgKZO9d-4Qbv2f4wuthexkcomA8H91eOeH-Pq4fxHItgAPPhTSPcLZacUyHXRGq7vcAXR6axzlC5cuSyF1II1N8MR3shBcI98sZ4_LZmgwzZ30ZaZ6yXFphSmT_dVGfLCbOAEC8k9SfB-gfJeyKxMwD-uOk1pXz1lBVBpZLDwYOhwHLs0Jf0QFJpsQFg70dFeTdy-VZu9HeYprPReQoJYCqFnIgZrNOTjJ8mRYtwZg_Mk0RmX1ERdJnBvct1RUQBKursalPqCnjh1bizBbHMZsfco6-KA2VAiPdUZBkbEUBn5tkM6RUdyneF8974CrWAysPeYKsK3tkogALkwDRfMf9t7t21c1ChujstoB-B-CBpvpRXa3X0dQMSNOpNyosWTiMZwooOF1BHJe69Y5bU4DtPKBSey0i7bt2ZD4N3sDfdPeG9Ik34kF9Gbu_A_1S8tZFJYDQNosQDQdbQLT3AElOHfcrOf1Ev7-kKLAN0Cz63KrQCRWhzSn7cdzJl94oOSR21UaTNQ0Xo09d4t7TpH--J2at34gR9J44eDtn86fJQyqt33shdT3AvwhzTqbmMCfeIkCF02KRb3Nyg-cF5Oz1V_OqC-4KPkvaA4YuRqoH94KKRY1if6xpZisC01MoKN2Alo3-Gvz3HGOkSQCHW20IhIy05HucQRm4JSyWKJ4xlXvLA&cid=CAQSTQBpAlJWSXk1hpRRU9THdP74DO6vW1iiu4zvhCOvsLE8fJAeESVTP_XYHQa4XH1DkPsWhTbJpvDpPHCYbx8t9vhrjZYA-dNxN0ZppGuGGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&ds=l&xdt=1&iif=1&cor=324828734998716200&adk=2991528825&idt=208&cac=0&dtd=593
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e57d7d6928fa7aecf78fc6ceccce1f518cfee8be09875e44fb1660b1367691df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36813
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4EF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssc4eWGQ7vXlnTs-wwOAh2tv-kn3bC7in0ZVww2WJ7H0itKF15ge52DFvsO5NYvTjR63qvcPja0FonIS9c81ZeGh4wB52VjcTLQscFA9P5hT85llCDTKAmL2CY1IsnHNOCWVQs7ARrtqXpV1knXD4KO91v11-P0KFjJLd4OHp3hN8UpsdV5sEaY2_DthNmFQoWJNUgfy46P5W4wCg7D_Fgu90JfhgVTe1KE56vEUCCxMT-B2kILYl2v0IosC4cfswq5EKdYwPxDUlRGyphadM857DFkRRecqeS3ySGoHDQCIewiiHVSQOal3hVPBCyfxQMWGr-E1OkkpDMSpLgl9r6Xft8&sai=AMfl-YTwNOVg683CVjTW31oxSzN8ZMWNeSbK1R8EJsyjeJMTb8ubiTRWMbbxmJW3JViIqaMeJQ6922HSFgIYsgMq4BNq5cvmAWJOiJheMCi1bvcrM6H9-kyXT4k07XhtfPQAR0rR92s88qiuSD1RFRKwhg&sig=Cg0ArKJSzCkZc5_dOCYnEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 14 Aug 2023 12:50:03 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4E72 		342 B
178 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNUmqZlCbjXlD6fEmfTcV-oqHJJ3OshC6nFDLcnsd-CiFvntuHjULZEk-KL-Olrpg3esgK1OgkWMxdZ8e7EIbi77TuvQsA
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d6b864869c19ea1f500174a8dc3f327fd5fdc7e8f92f569788a6744341e4f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
158
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:50:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F85 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4279349255271&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F85 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4279349255271&version=m202307240101&ct=76&x=1&cor=881002894574673800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7F85 		77 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B56NkB9pfEafIJ6rK9v1d0SICQyKo8FPfa2fQRsrDyALJ7m5ciDdfrS9F6jhQhjahtSutf6XcwZMo0YIwU55-Cz85B5g&cry=1&dbm_d=AKAmf-DBeQ4sWQv9z0kHX9wu_hqufEsCOz7eeRa7BrJQPVZGxuPMtRiP7-i9QeczSrxMWtj2AsEO6SYWVdWCIEYxLzx0hVFplXzpeA-25OcE3Hz7ZagWaec2JPDpehc1H7PGNBs6rkbeaOJxtwc3dpVR9i1bSRbj9_TV4W3eK2rgl-SF0erM4KmteBXUi9yMTFhBPk0Sg-VqK8kitwm6D5Dxzz34Kal30eERdqxIpdlTU0PNVntJ3iB-vm38M4V0q4MTAcxg8MvrA5vwEzW_JnWDZ-wXJ9nEoo3ra6unNQVsPfQyxHNPqBV13Gnllklu3Jben5nPuOeg9n2IVI2nayQRUmfb7Psxu7ynRB5hFO4LkXLMPOgKo3oqWYX8xwhOvNElzSVwRRezXKE7PrBNPXzeKJ3AZQkgZVLdQh8lRe4vTlzGYRjiLvMDdPLG74PC55tc2s7h5R4KkBoXJD_yzNfQLsB2fBRG2tQ7qrvZsQFSEocrWVw51uliUs2KlADWb4QMdGb4l6QuHuvpueMoRb9DrDc-C6ddVKNRzTTQj11DhiStnGHobDdqjtzNQjGP__wBrXxPocvARw48f35Khz8-3XHlQVPB-5zhbws89_UHcmkqI3jYtxRg3GRP5OB2upfSBZT0ZNpOErJ6wV8SXcnj90DLRcFswbGiDMlAy3bmX5kMB3Hhh13_OSZiB_tkS9llqWi576rcwyc2xL8vsaIdiQX6y4TfaHvEf7F7SAO5Gbbq7lvkPd6WSJsewFT2ey0zhbbFFb8hVK87B4FOrNBv_2mganrMQ51X0tc6rg_GEbVE1yfkypb7ZVJRoBzc0xGH64GyCNN_3M5DS7N0iEKFf6oaITUeRe_12pdGzqOPA8Xkxy2aac5hyIZZxYKm0_OcWJUyHQKdWpvodJS6sIpGVbxLBwuro7JM0Cfps9S-AI9BvNN0BjTrxr8fspkMPHzMYPOusjZJCZbakYgmFjRSZSzkzLK_GLh3kvT6y5xcsuKf0M5K5dtXZ1yksEQltsdZuJkxBuXKdmExNcqjqsFRofWPbbah7vCDmnsfoqlNCR1eFNUHuVgVRmh1iSAtPbIhys39L81zL8TvryOWJBNHt76PhXd2ACxWYjbA2WurciPuLCVwdeVB31UXVf8UUA4KKM5MwQLYy2VzR4cw0-rrafv6tnytq2vVwfZwar_lG9ktN4QIXOj19oQjaTjwokslQD7iQ0pWD3d18Lct6yhsFQZHCVvrK07G-ARtj5jnU75zhPfgWkRI6oiqW3BhTOmLMCvrKeZz-gk48nCz-Isi2qzDr3oFK3Tqy5rZ6MGzpkuCvcCrHiVH67RrDy1Y-So2hKD71g8chU7gqlGbhrTDnwGB5PCr4acohV-DYEuZzD0i3smeG4XGY5eV0M-VayPcDN1gZcnAO_oMGRmigsr91FK2hgzai-C9orYlg51KWEB-4XL8hUk3dizneShGI3RVpTg0wNfvm1TWz7paxUXkvG7-uNdS39JSsJg16i-02PshrrBo38NyFf4v0Di_ek7cYwNY7MFGKa80PCk3vWTybws-T9k_rYGuN1PvzyhNmYdw6LAFGcBAGNfXpWiezE3oosVtT57b2rmqGEfkFGCemOTvquuYKbsjbhpBpJg1ZkHNGMV67Dbp2jHUc9c3voskETaOsieLXFJB0XrYkSfyWOIUOc0kwO7oNCPQ39C33OeViDRm3o4XkBu0oDN-aSelFMDpCWsgr9dY7RM0umXTLsSJ4OR1HgSbvDLBucrizaoXuZh7gXtWZK9_ij_PRBg0nd2Yo-7KspFnogK9fwygTDJcAJyQ2IBalWdWLWqDfF9qFgtpqAMyxXSJHQSaHnvAdlKafZMFf6xv_h1JdrgIkeZTtGszuUSqxhLmUlZy2Rnk3ATiecTuw-z_mnJCcimAe8itum716M5_-tDsZfqtVHN7IePIGWXG2djEs1cu0uYcYoq-3lu33Xg_Wh5g-af3bgPqEVO_l4X-fMCBXYzGhzjsq183h-siQRWDxq4wzNIlX3IrimhCnspoxLOk7pjj7rCVsp01B7ps8AiJTp8kiBrrusnQmbccwsMftPJ5R5nfeuYuaKEaXEa61ruDOlmiVyB5so-IapAOHI2W1kr4cixtUPD84VZ0z81JOAnQQ2cT41LysQYbe2tJ9dxcvs-sH6Cv2xqQIV7Aa7xMXidD595sxgiXrRsgU9Aq2JztomLBuHUn02pe3vJ-pp1VMg8jucqpxkH1ygiz0O5vRwkBiu1vAP-qaBezy-Ni0dLQRTt6i-H6kAXjDJYe0Lq6yxe1Cr4Ys2jM_eb9FFz4iei_g4qmCZESBo9b0kSSMUUDq_dpVGj_Xs2PeaOtEKtE87MN8AUzTaf4WODcYiFTd5FxZuvCekjh6Ak6Ux7rNTBkITClm65GpNzOXui6TpfnbgcwXzS6y2kDWJnXOhRGacZvzNshMaSHq8EuFwvU9hwZXMwXaPK3JeSA1jAFHfOhEnZVJY39nrmUTN0ulv4ImuIVH5D0_VIyeT90NCBJGzmNLBikZZ4Go08MO0DDW0XlxCFyc288Td4mUeZJp5bklcpcZ4WDWDdUry_xmHWRDJh_ySrZp7XKcdDPXkibh7Fiedn-8eAhCF3Qk68q9uTwulLz8sNobGuHoj4GJowF-bGB13C20_S3526BTMLwbijBNCbwbiv3o9bEHps4rYS7HzFIL2503wc4asBEvQhmmOiL8JIx1LQA-NpLrWeNjy5Eso0shvCGws12rFgDI6KrSsRId2Wj2-ex03WIiL_45hqK1ZSTae7EzaS5LqMDqYo1kf-Uoky4lwR12G_w6Dmgz3dIVttWYGCyWEeHyKlXmtqCSGRJxr5fREDy02rpctr-l5RZc6GlUUKpExYAsWSbSC9rpgIOo-ziaabxl0rPoqNisy603KTS2HKAwXS-JGQLP6rhy3U91PtiO72sWkSpX8smZiTuZXJ-eMdrrvwsTueroO23oc2g2_0xp-LHnSHp_9_2Ln9g7CCq7hAb-0Lfd96Sky0Hwh910Nyt__Wu7ocha4F4x6FWspW2Mw-3X_5Rl7Q6NSx5qtRUVfDqzBYSX56_fxa-qVnD7IPxTlkg0cpLChRqyOJq2KrD6oDTr7XJANRzhXTgzAo-qMBz3cjqu1YSpptEXM_ylgxeCnr6t7nX3sNnxYMRz-vYXys2E8yGinwV04IrE46ZchgSMvzeB0iQ6i3VjugAQq25Rwni7e1O4AXkJ3cBZ0T2U6zm6lVavO6TxNz_1h2euOjIh2RP90ihTwB6TtMEWUqg2DpoHDOn91wrjPIjvbEFPK8MNFOqyV8PoVIbIQO2A_YmWFwvBiw5UsNh30G2WLJ6VMtfyeFYkntcraDOXg-KSEuQrQtVo1Vf0t54aYQr6QwsA3Zclqm305AIwFgikqA6lvvgr0BSBibeawpWoI5pVtCxl0E11-1E3oX8uPwcg9MaEZ0AfYLxNcXHLn3Wwkd2QDqpckkcqZK9no9lQxGQ2Z9Edg5QNChvPq02brEqZmK5oaNUX2514t6nfxTHnaLhn63h_2Go1dmL_dxe32xRfzg0fNs9UqOfkJWmOGRoqQuInFfqbs1aook3tzonIQ&cid=CAQSTQBpAlJWSXk1hpRRU9THdP74DO6vW1iiu4zvhCOvsLE8fJAeESVTP_XYHQa4XH1DkPsWhTbJpvDpPHCYbx8t9vhrjZYA-dNxN0ZppGuGGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&ds=l&xdt=1&iif=1&cor=881002894574673800&adk=1988966538&idt=215&cac=0&dtd=85
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f16dc7dcdb9178187f378daf1e34cf972d5b15b5002ab0b0a8dfd703844e1da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36744
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync-iframe
cs-server-s2s.yellowblue.io/ Frame FCDD 		802 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
4e910ecba81a32520bbafe044335ab6dfb4e18bd8216a72d147f4f408074d286

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
802
content-type
text/html
date
Mon, 14 Aug 2023 12:50:03 GMT
server
istio-envoy
x-envoy-upstream-service-time
4
/
onetag-sys.com/usync/ Frame 1128 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
setuid
sync.quantumdex.io/ Frame EE21
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
117 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f6952437edf9abf-MIA
content-length
43
content-type
image/gif
date
Mon, 14 Aug 2023 12:50:03 GMT
server
cloudflare

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Date
Mon, 14 Aug 2023 12:50:03 GMT
ETag
OPTOUT
Expires
0
Location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Pragma
no-cache
Server
Tengine
Transfer-Encoding
chunked
sync
capi.connatix.com/core/ Frame 8C8F
Redirect Chain
  • https://capi.connatix.com/core/sync?v=313598
  • https://capi.connatix.com/core/sync?v=313598&final=true
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/sync?v=313598&final=true
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa4963a149a0053c40435d8c21ce786ab19ee89ab2594889b0d4c53bed2c68c5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f695249ae9631de-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 14 Aug 2023 12:50:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
location
https://capi.connatix.com:443/core/sync?v=313598&final=true
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f695243ad538dc1-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
ucl
capi.connatix.com/tr/ Frame 8C8F 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ucl?v=313598
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f695243cd658dc1-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
pls
capi.connatix.com/core/ Frame 8C8F 		284 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=313598
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945e21405266956d0127e1166031702b0a30c6996d014a68fa0107d5a2e60b09

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f695243dd778dc1-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
player.css
cds.connatix.com/p/313598/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/313598/player.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5cc57b97ed7090094720e46c1afec8dac7d1ae17db4c4648176078dcbe97f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
x-amz-version-id
ywCC4NUjpeaz7WckernJ89fG16Qm1Svs
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 14 Aug 2023 11:35:24 GMT
server
cloudflare
etag
W/"c3c2cde925a7a2d0193570f1e290e2ac"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
7f695244afd125a1-MIA
access-control-allow-headers
range
expires
Tue, 13 Aug 2024 12:50:03 GMT
omp.min.css
libs.outbrain.com/video/outbrain-media-player/current/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/outbrain-media-player/current/omp.min.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9a5ae44d839cbf3b062f5dd29191a15cf0ba4d7683bfb2463a0d7f31c3145c6d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
content-encoding
gzip
last-modified
Tue, 08 Aug 2023 10:46:31 GMT
server
AkamaiNetStorage
etag
"bf196fb8b350aed7214de45ca5129d1f:1691493079.741638"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
1805
expires
Mon, 14 Aug 2023 16:50:03 GMT
252.bundle.js
libs.outbrain.com/video/outbrain-media-player/current/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/outbrain-media-player/current/252.bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.76 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9d07fb6a85f0cb749d620cbede61dad7e9965e6479036a410d8e4732707876b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
content-encoding
gzip
last-modified
Tue, 08 Aug 2023 10:46:31 GMT
server
AkamaiNetStorage
etag
"28f8d3962e5140c9636db11027d0acb5:1691493078.109716"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
1191
expires
Mon, 14 Aug 2023 16:50:03 GMT
json
server3.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/612b515fa94087000435798d/ 		24 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://server3.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/612b515fa94087000435798d/json
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.225.0.15 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
17389d972cd773e79c2ae5e5518068befc541f5f28944650a1fe0a832c642361

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
14398
json
server3.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/612b515fa94087000435798d/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://server3.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/612b515fa94087000435798d/json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.225.0.15 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin
https://nypost.com
access-control-max-age
86400
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length
0
date
Mon, 14 Aug 2023 12:50:03 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 3243 		475 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1402:b800:78d::2c79 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c7b335cd4f99f54a92a1d88d6548647d52d94a3ceaafd5b36fd1d0a88b63897e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:03 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdssHpomHzUvi_lGPm34lwwIu73Fzn579Mra3sWeN8wPbQrtfTyBA-em2zJzLEx5A3DDgcXmbkCm65oQaYom9e9U8w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130353
last-modified
Thu, 10 Aug 2023 14:53:46 GMT
server
UploadServer
etag
"2f3f0a7b8c93d6329e52026450f30184"
vary
Accept-Encoding
x-goog-generation
1691679226027236
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=e6p0/A==, md5=Lz8Ke4yT1jKeUgJkUPMBhA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130353
accept-ranges
bytes
expires
Mon, 14 Aug 2023 13:00:03 GMT
hbp_master_270443_10247.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 32A4 		469 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
fabac3dd70ca2dc3fe76134e78cc621a9855872bd8e9274b977a6932c0adb3b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 12:50:03 GMT
date
Mon, 14 Aug 2023 12:50:03 GMT
content-encoding
gzip
last-modified
Tue, 08 Aug 2023 09:07:43 GMT
server
nginx
etag
W/"64d205df-7545c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
hbw_master_270443_10247.js
player.spotim.market/prebidlink/g2USO/ Frame 32A4 		261 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/g2USO/hbw_master_270443_10247.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
05f7cf161d99234aa8ef94e08d61e12aebfc291a4c213c66de8ebf4d0377fbfd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 12:50:03 GMT
date
Mon, 14 Aug 2023 12:50:03 GMT
content-encoding
gzip
last-modified
Tue, 08 Aug 2023 14:45:24 GMT
server
nginx
etag
W/"64d25504-413b0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/ Frame 32A4 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js?cb=31076935
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 08:37:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
15155
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129487
x-xss-protection
0
server
cafe
etag
4885750571797100496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 13 Aug 2024 08:37:28 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 048C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D9e327913d98873c4%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34063
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 14 Aug 2023 12:50:03 GMT
expires
Mon, 14 Aug 2023 22:17:46 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 3F0A 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9e327913d98873c4%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
a9c57ee861a52608fb584a41d929b404f290e077cbb7b9df516aa491652d65b6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1529
Content-Type
text/html
Date
Mon, 14 Aug 2023 12:50:03 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 88F5 		1 KB
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Mon, 14 Aug 2023 12:50:03 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 04 Jul 2028 12:18:41 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
2f3e4529a72f506d503131f1169599fd
x-cf-tsc
1688645922
x-cf1
29080:fC.mia1:co:1585621119:cacheN.mia1-v:H
x-cf2
H
x-cf3
M
x-cff
B
hbp_master_270443_13401.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 4655 		469 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_13401.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
fabac3dd70ca2dc3fe76134e78cc621a9855872bd8e9274b977a6932c0adb3b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 12:50:03 GMT
date
Mon, 14 Aug 2023 12:50:03 GMT
content-encoding
gzip
last-modified
Tue, 08 Aug 2023 09:03:36 GMT
server
nginx
etag
W/"64d204e8-7545c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
hbw_master_270443_13401.js
player.spotim.market/prebidlink/E180Q/ Frame 4655 		184 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/E180Q/hbw_master_270443_13401.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e2aae31334bcac08063fee99ef40adb322ad6a09ff2a0952fc9cc1cd2e523a69

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 12:50:03 GMT
date
Mon, 14 Aug 2023 12:50:03 GMT
content-encoding
gzip
last-modified
Tue, 08 Aug 2023 14:51:22 GMT
server
nginx
etag
W/"64d2566a-2debc"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/ Frame 4655 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 07:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
20622
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129487
x-xss-protection
0
server
cafe
etag
4885750571797100496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 13 Aug 2024 07:06:21 GMT
rum
dsum.casalemedia.com/ Frame EFF5
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=4f9f154a1fd921b6&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAL-gR0RlSBeAM-RNnfAAAAAAA&expiration=1692103804&is_secure=true
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAL-gR0RlSBeAM-RNnfAAAAAAA&expiration=1692103804&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAL-gR0RlSBeAM-RNnfAAAAAAA&expiration=1692103804&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
r.casalemedia.com/ Frame EFF5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:03 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame EFF5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7015751175867750616&expiration=1693227004
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7015751175867750616&expiration=1693227004
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7015751175867750616&expiration=1693227004
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync
sync.springserve.com/ Frame EFF5 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000005&gdpr=&gdpr_consent=&us_privacy=&uuid=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.50.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-50-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:50:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame EFF5
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969188718189332721
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969188718189332721
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969188718189332721
Date
Mon, 14 Aug 2023 12:50:04 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EFF5 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
index
dmp.brand-display.com/cm/api/ Frame EFF5 		0
0
crum
dsum-sec.casalemedia.com/ Frame EFF5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=b7GxuppY1Qvx1d5
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=b7GxuppY1Qvx1d5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:04 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0a15b899c0a19be84@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=b7GxuppY1Qvx1d5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame EFF5 		43 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f69524a7aba9abf-MIA
content-length
43
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame CF6D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79174ee77b6396cce4fcb7cb25caa2eef27936e6d5dc920a88ea4dfe47e179cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Aug 2023 09:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75184
Connection
keep-alive
Content-Length
10116
Expires
Tue, 15 Aug 2023 09:43:07 GMT
log
hblg.media.net/ 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=sre_events&itype=RTD&abte=CONTROL&adt=desktop&cid=8CU3I8M1G&ct=MIAMI&cc=US&ugd=4&pht=8101&pid=&dn=nypost.com&servname=ssp-serving-6446fbb9-5m4rf&svr=1010_326&sc=FL&version=4&vh=1200&vw=1600&vsid=&vid=00001692017393434006462152372511&requrl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&kwrf=&winner=DFP&isEmpty=false&size=300x600&dfpAdPath=%2F5850%2Fpost.desktop%2Frec_atf%2Fnews%2Fstories&dfpDiv=div-gpt-ad-rec_atf&slotType=Prebid&supcrid=div-gpt-ad-rec_atf&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=2707512692&winner=DFP&isEmpty=false&size=300x600&dfpAdPath=%2F5850%2Fpost.desktop%2Frec_btf%2Fnews%2Fstories&dfpDiv=div-gpt-ad-rec_btf&slotType=Prebid&supcrid=div-gpt-ad-rec_btf&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=2707512692&winner=DFP&isEmpty=false&size=300x600&dfpAdPath=%2F5850%2Fpost.desktop%2Frec_widget%2Fnews%2Fstories&dfpDiv=div-gpt-ad-rec_widget&slotType=Prebid&supcrid=div-gpt-ad-rec_widget&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=2707512692
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:03 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 14 Aug 2023 12:50:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 06C0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9752305553431&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 06C0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9752305553431&version=m202307240101&ct=76&x=1&cor=8767548886201324000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 06C0 		77 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQuDGNB9x7sY4Vh4VX0iYKnTbhdn6-PzXmrfYp_98wzYGvQR8WVjZ_Q2KaT3curTstaL03rihaqJFsz9pOdmVIa4eLUw&cry=1&dbm_d=AKAmf-ADs5TS3nXd03GcbJKuYmxlJ7IowCMCDNfq_skLjRasfxqAYWn-9uSf4F6EGhtBQvifRi_YlNfexkNVfs7iA-rAeEKwvSdute6zepmTnyIW8hAOI5qRNBALjuexPifm96jx-lqnzERLkO1LIQTfVtWYE28xOMSefV5SvXb4MID8Gmxk4s_utMp3yKr789a1XovDo2oxa3AnnMuIgiGmV2d_yVHizafZ7Z_CRSwNVgDiGZ4fVy3p8tqqJEsjweonMVNGWFj2FY0hK32uZ_fybhYPPdqfRdmmajiWg5Z7vXIq63I6rFTxcd-pVnOZ2Ph5sFPD95z4GK0lqEbj21EWSEkD6NOGSG5pW49YG_92SH2B_HcscjaidK2prBZyFNymqdlWD7mXTq01XXHgAXRG5xBd6T7FqFSyAlDLnxizo4w1wap5A_8GwRyCV5IHHs25qYA5hGQGTU_lSF8eREhT6rjpxpVNS7T0DbSO239sf_kF6ZHSYSc2mWlijTnAIcyy9v0dKOoDfG1ss6DpFrEdgw8JaNmPmcc_brcoPJ-mDWOP-6WaE1aUzJXpdY-TEjvCVZme-JLqssvFz-V8LyiQb0srmokxt-zEgLQxCGwxmjHerJoZXBTKEC4Tg_Bs8HUNVX7N-smFvMgKSBWeCy74zBJoTNFDlw8Uo0cbt9QyKsaGnWuAgQMbB4W1PQ8PFlrBfG89jOr7RybTizAaiOkCHKCPBdNsJuGPiMstD8Ouk_bWCiolxupfBl7OQdoDAdaotve0utrOYV4mbtFhfsbVCB1WvYaXy9dWVUaUID4zkqe9yUocW7T-UYppjO1o-C98uTBzV-m22FAMC39hxGGr2pPuGCDHppjWVtAW2tVXlhNs8tTga69BilB7t-OJilrAINjE8lkoTCYXcbpj19lCGXIy_kGpwGwPqCKzIdlhGaB7Zc0AIHWzkQot3dFS1-w_2DwKJcKnxZ6ybtZhfVkEDSEk5VKzVpTi2-DxOXKE1dO_zJGf8WWLWfdw7_zmblWXr1XxRh4XXT6OPh7aVUTWXQQutIkVbRG9FI7G1JA8Ok0-__5cDBAqSt5zZjwELLBpydeYQPn72ZG81Q-8URuN9soFgZ38JgRASWX7xE8ROpJkNlxu5iElrmDgS2FPJxZBKbocQhtihVWEz4MVCST04R5HjcexVd0JFkiXUcPzod1hTTUEMAyfXjtuvbaUCiX1KrzfFoJfWPCYwWl5wLEyXI47ecq3bILncaYtmu-sVsgGTxGsryWB_2KFB0pTTObp_-_G2J8l1ivDHHS-qs6SNGz78GSaZWNTAYbRU4nN8lnRZbV5IVg7T5BoubY4W2eUanMYA8mgYPrqBjz6X-u1VfOTqh-58F-5hkkaQdHiNBjbfUiCy4knKxyty9X831imQHBSGIUXZYr85UROSwYuTtJqeQIzwNuwDmEmSPeRpJ7yF4Ckpwn9JzTWHzjlsXmvU6T1KEvpFH8XF-_fl5nXWwbYDoFamgcfUbGooXDQ5gxAtTJUBrCxQr1HfNj8Er-dPcr9eKCUlwhzRG6k4lfT3lJN6P-e6CBdIdVy4YxZTd8JoYcy1FZ0COKzQ-jJvAqT-aaePOtYECQ4vSoXmcB8PzVB0TGQ7f3jGrSrVWQJskruEgxpsPZxBuFA1CdLWwI-dsdaHsVH7vqpeDQa9oGClOACjhKXwfPNPTx-NVlvqtQmMKtHK5IKeFR8dO7pdI9mtPCAirKfTkYy-D_rIcN4FtUKKS7FaiTmqlDW-x_WPzsDGTQ5UtuTJJxWcSBvxfiE50QqjWTa779AV9ETTeo4oLZ6uUuC0Yj7_rQWmzbWSGMhEgaZDoDipCUh0YjzLrQd8xDnCmM3SdloOevyaYHqkO63ouiR-6BfgNJvKuvWArrZR788rPbnxD1s9c8Ze9zx2_KaenesBoUAVRh3FIsnXssqHUsgS7w0uLMKvh0p15JUK9XRPceP2MWOxQ0sz355aUzPrFW1_yBLIXEwm-BXKIb7Usa2LIY7wA98kpU4OyqCVGchjchyD2-AVcrfKQtvbuuVH3D7Rghx37YkVDB5rUou6wSuZa8VoFFrGtCAHYKRSaYRNdsKb8c8rEzZakG42e_ApIGWZQXh0YcEbBFm1LJIHr5WnHZigePuvWHsChXguAdTiSVbzzNXR8vM1Ofnbf_s9ZcAVUu5rA9A3gIevqpa1qKVLpwFt-8RlpA1u9uNWAbeQOftBTyzQVBIhoYC2N-Kmbm-c8qcv5YJlh9iZAIg09IcqROJwoOPG10IaCJUGpY4mtegQEJ2ZkRe6PiuNS2B5ae8AwhMK6XqE6bxPBymCYWB6IUb6Nk1aRKEOUYuiyfMbg2yEGhRAlp9qx1RrNhTcRC4pE1GgNYKZEFe1i5NN6LVQG4Cx8ceO6sp2JNdAwekrm4QjqXmynEfbNpjjXQJttpPP9btqUJOuf4E1e-7ztqoC3yQt6PtmkRiG_nl95b4_pR4zyN11ZjEwurrTXpCcmWBYF00HE_0EaTeRm36xfDQ6DIup1xuj0G-jXqQ-KTBDG2xz74Y7EjjcNx56Fo_IvbrIypY5cqtQz9TsInGsZS9Ev0lT9fbSOxiHeLWIYdw4p6zS2Vgr0Z0ixFwoPLQjowPKJ3Bb5lLEaynGBtyKqazztsO_wEoH7NxhXTc91KtNLEMqFgLMyqJ_hocjyaRZRyUDSgoDUELkFYQpMfyFP7B6mMSfWKaHXOR3dZif53rh4QSe4oXGkRMcZklsQOvYFdS2TBMLQGSjyuQeg9LzvR1izNaCUCJapWMu00b_vU0yb-SWTy5ZfMu7vwa2uDrSuuyqiCFR5gAOwiC_OFWU3QOjftZjZ38mLIrYWn-ZpBTmkJyesAR8KuXQVxhvgB7Emmk12s4tfULH8CNc9xGIAZ_52Ug9t3XRyVNkmTt5E0NB6nWqJi3AFWUNRM3JJsoCDYPmp917xL21m8JYK3dUwakaEGQz6qEUfDTUb2ydxKqI6BVwKbyfOWVDQT6QV2TwpQfrBlUVGov6JfwE685UmGNpB9K8Ej0GgratWC63U02Un9Qln2UCc2Rza1a2XQe2M-tdulUXRaMcK-NAnEz1Yvui2HCel4KQYJcFGBkSTSVQVcG3g4vGJ91AnOrG-NH0mwM7qEUGDTH4mb28KQxk7nuBUbhmw2ikat5QzsSw8FuLxQDGm6Jzp4tKWnZMe74QDIf2EXW7vh9I-kuxqVpREGmZ3BDhBymZF8B8wsALK2nC6R7VwGh6iGssdt_xgkJ7YmfZjMlx7sT0e3sq4cd7aqgATMRSKG4zx0sUZpobi21GvwKU3bOkI_sjBCYzAbYZMAngrHRU_bwja-jO8yrEktSu9mZYq63OytZd6QD2tM0xlI9zSU1SN5F4vMwjnUnDNqu_EUeobWrW7lu4kVro8jEP4FdH-6tQEWGHpmeQKQN-RYUYC8cLljI0WOJV6b0ZvrxCsRwG-pwKWhk6pO1vN_CSdcmd2tuOGixP9Fzm7lqALOYNOLEzwCxnK3mTR0VYcer2iUCEhreu1hbkPqs5jHHL8xTp75R43hyN97vL5nw9e8K6AgNveKP8di6NgtzAeo6It19Lq8OxLU5UvnuacTwrA&cid=CAQSTQBpAlJWSXk1hpRRU9THdP74DO6vW1iiu4zvhCOvsLE8fJAeESVTP_XYHQa4XH1DkPsWhTbJpvDpPHCYbx8t9vhrjZYA-dNxN0ZppGuGGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&ds=l&xdt=1&iif=1&cor=8767548886201324000&adk=3391746962&idt=127&cac=0&dtd=145
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb27773dd227b67b4ab536a528d276c231e476d85bb8d609ee70694e25a3da8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36637
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8075
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9If2Mz8By4UQ2Yjy2CZQY&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9If2Mz8By4UQ2Yjy2CZQY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNXfJ__NwFlAFnSoFuHaJ9OOrMPyg0BMbuXdRAQhk2d8fk9lLZwwUkaLmv_YY3obT3yM-IqeoVnEwsnQxOLgb0eritgP8Q
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9If2Mz8By4UQ2Yjy2CZQY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8075
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNoi9Ggn7zBNSI16aEKdmQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9If2Mz8By4UQ2Yjy2CZQY&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9If2Mz8By4UQ2Yjy2CZQY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNXfJ__NwFlAFnSoFuHaJ9OOrMPyg0BMbuXdRAQhk2d8fk9lLZwwUkaLmv_YY3obT3yM-IqeoVnEwsnQxOLgb0eritgP8Q
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9If2Mz8By4UQ2Yjy2CZQY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8075
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDDR-4Rlpgz-EDGr0oZO8e4&google_cver=1
43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDDR-4Rlpgz-EDGr0oZO8e4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNXfJ__NwFlAFnSoFuHaJ9OOrMPyg0BMbuXdRAQhk2d8fk9lLZwwUkaLmv_YY3obT3yM-IqeoVnEwsnQxOLgb0eritgP8Q
Protocol
H2
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
an-x-request-uuid
ca37e872-b22d-44f0-8571-478d00d6c3bd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDDR-4Rlpgz-EDGr0oZO8e4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8075
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNTM4NDkxNTE0OTk5NTgyOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNTM4NDkxNTE0OTk5NTgyOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNXfJ__NwFlAFnSoFuHaJ9OOrMPyg0BMbuXdRAQhk2d8fk9lLZwwUkaLmv_YY3obT3yM-IqeoVnEwsnQxOLgb0eritgP8Q
Protocol
H3
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
an-x-request-uuid
a1dd8aec-fcb2-4031-a3a6-c9b74e8c15db
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNTM4NDkxNTE0OTk5NTgyOQ%3D%3D
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A761 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7403416613494&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A761 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7403416613494&version=m202307240101&ct=76&x=1&cor=5394226090910108000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A761 		77 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AoH0LkKT9KU34VeZaCWql2Mldcsf2ZFyo9JL0pya2UcTyKgfXARxFuTQcfTt0ptaf2TZL8af7c7eNkHQoGImfJNqBxSg&cry=1&dbm_d=AKAmf-BjedWasEhuSkV-psLiiWD-eVvrLZN2yLcvQyQT6iWLR76Ffu3vDXx-4UQEuFaHMaNVOFBaYe9dGLLLEiR_xAWDlelsbB-0OCBCvIUSlarUbXmU2LYSG-V72tvvM7qXdfl8eLzfVBymnDOxCPjCUPxLakwJixFElxGaZ0W4QBCBksJQ44AfdDpiO3y03Xd08cF3UB-HjMGo_KIwDNgc5h2XI1nTXSKp-QZErSCc0tpK97PhtaWAOvWmEzgytrZTrbA48R4RzYIfwmi4dtS6B4eQCydilwN5qS-4LfIB-KwsuWitO61S8TrAxZvmb7LUwCtTBg7uTcslePi8VREQFUbKksVrJ4kq1WUZ-EXv1uqNY2_g4l2OfvFYUHNuvzQWj1ZHlFflUMSWAhINYcj5BxcClCAyfR_U0yCzvEvYnPK-Wqc9WqUXQJnSJiqaF6UNXIfkc34Qp86iRJJNZuw1IYYH6VUgWauhoUFokMUK1lz2I2EvL8FpaZi7C4Zi_LSnj4k9kKDodWCBq4T35GhBNAAycKvF3c28b7nckXbEpTw9rRpSRII0-93dXG4KMTtSdWDbx7AYcjgj-RnWh1h5BRAi8cTyihouNi2EjQbxAoYFypj2mNvEutmxCGI664IUU1xoBNOuMvQqug7O94dtwHB5rw5cDkHpjw3KgYni8HKlXjAu6gupdFpI4ChKs3_9CpOfAcRSbXxSe97M9AmHekAAU2bhWoCJUjYyrhBnmgFIdSdNhrYGJ72DCAMo4RZiEC9iyWpBEeUV5bTdyNGfzqdmfvgTRdtvfS94hDsQLiZtj098x2tgWDxyWAUwRLtyABJ-kB5nuL-VNM-5Mp-HA_uDEBQRPXKyl8GZT_-S8uKmYA_V9Vcf8Ra2IM_mX3uJfyvJwAGP6ZJI0VSpWiS2_krbjJDlGTfpWk6LgTm2fTUrrrbDi8sys_lpH507rrFH-aFNgkLV0TVsqMDI5AGOpAeaPMBIsWIeW_Ok3Ps0kTh2AURSNEpcwVzIMZrQIntDtAWTqV7P1Ne_BbQxmu161yjy-hKaB0a3r405jjFXztcgT9V-SdeWhq7TQCjmkuUp3nqc1tmL7-iiFIuV7RMLvGg1493qOJCXOxpcH3pSbYW2TjGJC4zKb8_L7iXJ5CjMcFKr_8ew6YomR7vqfrwcPNqCaAthpx3mjCM6_OZP-xgB4_tG9MUOygyPJmtBHrdNaPwpFGPsIN1LbmgiM4uRGBRkfTnRBgnC5Hl1QsgbP3jcFbFgWqoTvjcCi5rvXt0QhIYiqOGHYflG1yZSCmEaVfYLhwwL06Oipg4UDbA3CVBT80PxeNxHTLftBCXD2fXkXohZUUmZ_Ee2yKYlCxa4J78rLL2nJv9kASTTEtsGdRq01iExgQaaQJG1-bHDDeqh5qvRdrwKWfHRRjPm3rrSs945ayjl24Z1bzHKEtjnyUi3Vj-RUNo4uRxqrw36JibB_sqLyz6zqM6SDv1XC0tVEbYtU_OOHBLUw-jyQXr6BE3P-JZUnXT3ffqm44AU2M73RRBWnCEfL_vQfj1MPdZIvVUAfr2DIFsGEqrqXHsw9LZvEiJH-G0UV9Gu5n2BM-a77OfuvNtQtJuW-YVncNy05RlDlyQw4Mx1VMJRYPRV4uwVNejtMpgBcBqbigRqzfOM6UBGU6jp96SAZjCY5UJBEDasjUv098YFhytm5-PUnPZaBZGtkuWtdFurhWDE3VIIYf2Yb_3sIWD2O-enXvQKyNGGZNovauZ4AHAeZZiT5e6nPMYcGWnbkQfqboeF4XbJSX0KQGsjoXeitbW-tyUdtBYEzDMzbM3kFMfdHKPJaOBdzU2HOjtk-Gu_nrug6eHiC5NY21MFkV93srH_Q4rvK0CVCWaBnRbW76wAlQ5ulRIDZ2zVpGlLx4L-kFZGkvtq1BNKElCNoKmqcXrTATLNY18TXgK1MzX7lB6YP0Tyzq-fMW2AZjYxC4UUf-7p7C0xq3hrOr27h2WxcQOyQKUtkESyQVXxQtlbboVQh5I60uQEs46_2mrg0dTIx6KIsO90surGnBnTooYsGyavrm1bSgwHg8XLtxxbjTMMTwOIgnCfc7AmPRq6iqaCaDZqUQzAEZyfbS-Vk8lLEBiGMH1XyBKiWsFFLLn5IKe_MVOPHGjO8uh7BtNbQqhu69MZzaTHACsMqVkOfXjh-ViZPzAea7WhKvNSZUH4y5chOIqf7pKRUiPHEZKaNsTGHzCUAjSJgnZnheg0Zt0zWDl09KZ3gekIVlGNv4zA5qHqMRF8b8m8wLfEVxFO7zRVPArQ9DhbTnxR6CupMZv43sYEVvNEpA94udhhxsPPQyIfK0OlVjFhzDvbEJnPqFEg9dVyz6QExGh0RHyBJwj-8cMKrmyToretvJRF9qjNyQr4dXA39Idbn3brQKxgTrUkPt4ivh2APzHTg3Qk8rhhXkJg9jiQtnsXmd2KQP_bjJJtfihsj2rSg2vC1CbucvMCbcJSVQblXDKVFKarNqe5WDK_7FGj0ZmuFFL0sTGLj5lT0DGuTPpixMvUaGhA6mYa0cGeSzo0PU7PVhot_3mvACg6xkvgNPZXU3BktjiNOGbGU5zAj0gxx5l1gpB6s_mGdGrICb0VfbXAzuD-DuDX-_h1Dz8WLVKJ0oxpwr8hFT4L2IksZ-gVAaYNopZPtR_rk5lZGQvzGCTwwL9Cy_v5y2lFSlX64H9Mf6Kg6o0x9iNvM6egxaN-u_T0miPdeaLj7F7QX57o3ZlcTfA5rpDFvxvufl6iqomILNr4zS91d_HQ5TDedZ4WiS6fnpBMeAQC8BeijwSDwJZfYk_YLE6W6crdarkIJHTaNfEKQCLDngt4bbCg3kgwyZpsjQrGrhkcvNVskecBR-TkshnSIBHyUlUv7-WZqxpPY1CgCY35dRPbACPm60mUEdsp0qhSBOsWRsBj8y7suSCRfNeX4imWZJURQ93hcIdNzDGy9TMpY0rrcRJrVCX9EVu3GrXhhiS_Digjcqqv2VUGbvjbifvQ99wZirPn4NcPT-uw_RXbxS_oitwTCdWkDAs990HWJFKYnutMKIuXWKr_Rfnaftinb9uGE2TUnJidsePz0QcXIaz2UKG5MtT8YPEsipaV1Q4Gu_dSapp0z06Lk93V8lCFOqr8C0T01XPaz6F9d7amxeKOtu_01gYxz9ZD4auhtFevIV6pV6Fti6EVjZDdGcpKnXJlzNYy0A87vMEeq_KsVYoMpHVi2bQIyPruWbkmskyMHGGP44Hm7os2s28VhRlSaWFPBBrskQ1zbcETZgrb8ygx_RFrWIeHfTam1N-JKKvlyANc8P0D3MWsJbJn1H28w63NKiw2JaR8HlKbKnwOIdR_UgUGnW3UqKrcJNWM4k7IzTQgCBV1trg-5cPYTSfpAJhANu8c3mHTlCwZ63qCJK5tQbXe7-P_hIToaMXa65vg6mWqL5NWY79yAHQR_3soDJyBpGiz_xg7Z-dq5zUhyLTCJ1V_rNJrz38NQA4gUpEpsxb8wNyy4Gtmn646bvCXJBQO7vn9OTDOGWJxn5I-nNmPG7Q8I6XqD_pshwf_FG3rDvN7RMAJ0sfqu3wkZXiJJMtl4SpjvnaSjMVWTw&cid=CAQSTQBpAlJWSXk1hpRRU9THdP74DO6vW1iiu4zvhCOvsLE8fJAeESVTP_XYHQa4XH1DkPsWhTbJpvDpPHCYbx8t9vhrjZYA-dNxN0ZppGuGGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&ds=l&xdt=1&iif=1&cor=5394226090910108000&adk=668463796&idt=227&cac=0&dtd=95
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7590f6a2a361b6b574d8ee724439a131aecd6336d421f5b9e3610f0c6c0975c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36825
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7B88
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJPUXmYjtUuOnEaEzHaoiis&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJPUXmYjtUuOnEaEzHaoiis&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0YtbrPzQEwAQ&v=APEucNXZTA4iTRxY2xwKcS8BgvJj-jYMQF4K8Ui-o40dEJ899l76Bsf7jZSKxWHgH5Eh4yhSSDUhwA6vxclZqNydL90kUbJWkw
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJPUXmYjtUuOnEaEzHaoiis&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7B88
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODAyNGE5OTQtNjE4ZS0yYzIwLWYyYzUtYzVhODc2ZGNlZWU1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODAyNGE5OTQtNjE4ZS0yYzIwLWYyYzUtYzVhODc2ZGNlZWU1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0YtbrPzQEwAQ&v=APEucNXZTA4iTRxY2xwKcS8BgvJj-jYMQF4K8Ui-o40dEJ899l76Bsf7jZSKxWHgH5Eh4yhSSDUhwA6vxclZqNydL90kUbJWkw
Protocol
H3
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 14 Aug 2023 12:50:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODAyNGE5OTQtNjE4ZS0yYzIwLWYyYzUtYzVhODc2ZGNlZWU1
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame 7B88
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOKj7R-WFinTz5Hc50nymhM&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOKj7R-WFinTz5Hc50nymhM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0YtbrPzQEwAQ&v=APEucNXZTA4iTRxY2xwKcS8BgvJj-jYMQF4K8Ui-o40dEJ899l76Bsf7jZSKxWHgH5Eh4yhSSDUhwA6vxclZqNydL90kUbJWkw
Protocol
H2
Server
23.205.56.163 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-56-163.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Mon, 14 Aug 2023 12:50:05 GMT
pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEOKj7R-WFinTz5Hc50nymhM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7B88
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzIxOTU2ODUtMjNkZC00NDQ3LWIxYmUtYWNkZTQwYjhhYjQ5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzIxOTU2ODUtMjNkZC00NDQ3LWIxYmUtYWNkZTQwYjhhYjQ5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0YtbrPzQEwAQ&v=APEucNXZTA4iTRxY2xwKcS8BgvJj-jYMQF4K8Ui-o40dEJ899l76Bsf7jZSKxWHgH5Eh4yhSSDUhwA6vxclZqNydL90kUbJWkw
Protocol
H3
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzIxOTU2ODUtMjNkZC00NDQ3LWIxYmUtYWNkZTQwYjhhYjQ5
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Mon, 14 Aug 2023 12:50:05 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2B9D 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85504206&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8e8ae2ee446ec9ebd506e168f1abccdfdef8fcbdf4d7d35df50d4d35fe5263ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 12:50:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
partners.tremorhub.com/ Frame C2DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEOsD1grBzaKpkg9TmAvJxhw&google_cver=1
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEOsD1grBzaKpkg9TmAvJxhw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNX_4qPsaqD6xjgLd9L33a5ECzXCAJ14IKt-s-21nKNH-Hm-LIs9VuGTglVKBKJPRkV3JETzJ33F_vQQqxPwKAmbW8Iqew
Protocol
H2
Server
2600:1f18:612b:4232:6fb3:e7b4:1fbc:46fc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 14 Aug 2023 12:50:05 GMT
server
nginx
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://partners.tremorhub.com/sync?UIGL=CAESEOsD1grBzaKpkg9TmAvJxhw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame C2DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN4DB0J97z6c5-irA-NhCRI&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame C2DE 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 5852 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29456877&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c5e58768fe1836f437b39056aa5580722055dcafef4ce77b5333daa0f134a3f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 14 Aug 2023 12:50:03 GMT
content-length
2026
content-type
text/html; charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2CFA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34062
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 14 Aug 2023 12:50:04 GMT
expires
Mon, 14 Aug 2023 22:17:46 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame E96E 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
9cbbe3aac8733766ef223705c40c8e65db3d2441d46334a5437237af1ca43abf

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1071
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:04 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 4E72
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0za1hBOFBORTJ1RmdsclUzYUFyMWh2ZHBqaWY2SVlVRn5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0za1hBOFBORTJ1RmdsclUzYUFyMWh2ZHBqaWY2SVlVRn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNUmqZlCbjXlD6fEmfTcV-oqHJJ3OshC6nFDLcnsd-CiFvntuHjULZEk-KL-Olrpg3esgK1OgkWMxdZ8e7EIbi77TuvQsA
Protocol
H3
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0za1hBOFBORTJ1RmdsclUzYUFyMWh2ZHBqaWY2SVlVRn5B
date
Mon, 14 Aug 2023 12:50:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame 4E72
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDSrhUuB30fRmrXMbefgQn8&google_cver=1
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDSrhUuB30fRmrXMbefgQn8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNUmqZlCbjXlD6fEmfTcV-oqHJJ3OshC6nFDLcnsd-CiFvntuHjULZEk-KL-Olrpg3esgK1OgkWMxdZ8e7EIbi77TuvQsA
Protocol
HTTP/1.1
Server
63.251.28.233 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:05 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1692017405193025-267

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDSrhUuB30fRmrXMbefgQn8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4E72
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YjhiYjVkYjAzZGFiMmJiZGRkOTkzMzlkMWUxZTNlOTA=&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YjhiYjVkYjAzZGFiMmJiZGRkOTkzMzlkMWUxZTNlOTA=&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExD_0j0Y6_fayQEwAQ&v=APEucNUmqZlCbjXlD6fEmfTcV-oqHJJ3OshC6nFDLcnsd-CiFvntuHjULZEk-KL-Olrpg3esgK1OgkWMxdZ8e7EIbi77TuvQsA
Protocol
H3
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:05 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YjhiYjVkYjAzZGFiMmJiZGRkOTkzMzlkMWUxZTNlOTA=&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1692017405105072-125
cs
cs-server-s2s.yellowblue.io/ Frame FCDD
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=68531A78-C812-44CF-A2C6-1C611A476111
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=68531A78-C812-44CF-A2C6-1C611A476111
date
Mon, 14 Aug 2023 12:50:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cksync.php
contextual.media.net/ Frame FCDD 		61 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 12:50:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:50:04 GMT
setuid
sync.quantumdex.io/ Frame FCDD 		43 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=rise&uid=V83JJ1Ctkp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f69524cfe919abf-MIA
content-length
43
content-type
image/gif
event-stream
k.p-n.io/ 		0
126 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=lGrO4sEYCy0zUu2DRBSBxuOWIGo8lGqPv8wE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.23.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-23-46.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:50:04 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
PugMaster
image6.pubmatic.com/AdServer/ Frame F743 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51971038&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a1426eedf230cdba16b71e71df81e3eb8531706d79101883ea83face89abebba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 14 Aug 2023 12:50:03 GMT
content-length
1504
content-type
text/html; charset=UTF-8
setuid
elb.the-ozone-project.com/ Frame E226
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=1UfPRnxS&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%...
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
0
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=e27f856b-b396-4c82-98f1-d0573477e720&publisherId=OZONENYP0001&siteId=1500000033&cb=1692017396666&bidder=ozone
Protocol
H2
Server
104.18.6.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7f69525038c88daf-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=2e7556fa-d433-4e40-9dcf-8adfe374e481&gdpr=0
date
Mon, 14 Aug 2023 12:50:04 GMT
content-length
0
76c8158d-17e2-48cd-a7c0-e551c76122dc
https://nypost.com/ 		365 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nypost.com/76c8158d-17e2-48cd-a7c0-e551c76122dc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3778b11054daa02477c738ed3bf2ba3b0ef7c5d57eae266b9f4199fe3c65917e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
373268
Content-Type
text/javascript
pixels
pix.spot.im/api/v1/ 		0
228 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-91.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 14 Aug 2023 12:50:04 GMT
via
1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
D2XMMpasp6d3o3UZAoeZqm16N72MEOnBoUSP4YcXuM7UNF9z0aQ8ow==
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0DZ7LHF5PZ&gtm=45je3890&_p=1381752064&cid=1624615099.1692017395&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1692017395&sct=1&seg=0&dl=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&dt=Secret%20Service%20tracking%20Onlyfans%2C%20Twitch%2C%20Pinterest%20websites&en=Buffer&_ee=1&ep.event_category=JW%20Player%20Video&ep.event_label=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FScrNykYo.m3u8&ep.event_action=Buffer&ep.non_interaction=true&_et=3134
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DZ7LHF5PZ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
events-ssc.33across.com/ Frame DFF7
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1---&us_privacy=1---&khaos=LLAVGYIH-G-GET7
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LLAVGYIH-G-GET7&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LLAVGYIH-G-GET7&ts=1692017405&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LLAVGYIH-G-GET7&ts=1692017405&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:06 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LLAVGYIH-G-GET7&ts=1692017405&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
rum
dsum-sec.casalemedia.com/ Frame 3F0A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=aGQZVP-FWKlwqApFxMElgCaEdkU
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=aGQZVP-FWKlwqApFxMElgCaEdkU
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9e327913d98873c4%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=aGQZVP-FWKlwqApFxMElgCaEdkU
Date
Mon, 14 Aug 2023 12:50:04 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 3F0A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yZlHys2fRZ3SnBGbxssOmsbLEZjSnReanpR0BQqd
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yZlHys2fRZ3SnBGbxssOmsbLEZjSnReanpR0BQqd
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9e327913d98873c4%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yZlHys2fRZ3SnBGbxssOmsbLEZjSnReanpR0BQqd
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3F0A
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=17c778fa-3aa1-11ee-969c-688d4aa15bb1
0
0
tp_out
d.adroll.com/cm/index/ Frame 3F0A 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9e327913d98873c4%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:dc96:d78f:7c5:6b8d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:05 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
index
dmp.brand-display.com/cm/api/ Frame 3F0A 		0
0
usersync
sync.springserve.com/ Frame 3F0A 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000005&gdpr=&gdpr_consent=&us_privacy=&uuid=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9e327913d98873c4%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.50.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-50-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:50:05 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 3F0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPZqk2iPNgWd3K8DEkaAXDU&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPZqk2iPNgWd3K8DEkaAXDU&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9e327913d98873c4%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPZqk2iPNgWd3K8DEkaAXDU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
r.casalemedia.com/ Frame 3F0A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9e327913d98873c4%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-iad04.e-planning.net/ Frame 3F0A 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=9e327913d98873c4&uid=ZNoi9Ggn7zBNSI16aEKdmQAA%263515
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9e327913d98873c4%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 14 Aug 2023 12:50:05 GMT
content-type
image/gif
cs
cs.minutemedia-prebid.com/ Frame 3CDC
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LLAVGYIH-G-GET7
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LLAVGYIH-G-GET7
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LLAVGYIH-G-GET7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LLAVGYIH-G-GET7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Expires
0
sbt.js
static.vidazoo.com/basev/1.0.811/ 		652 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/1.0.811/sbt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5b57158d599a1ae09543bddaf35fb04d29d3a858de1adc481cd3a8cc16bc873

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:04 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
SRFTEYXH7R9C80MM
age
49060
x-amz-server-side-encryption
AES256
content-length
140385
x-amz-id-2
1cDrRubRKrHXYUDBJuVBPLOT1+iqIIaBTPoy2WQzRloqKdbAhleM8HAQ3hqO2WdPHO7Q/nZEMFY=
last-modified
Tue, 16 May 2023 10:04:26 GMT
server
cloudflare
etag
"e776412f27744cdaa59c65bb87e29598"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f69524b8d854982-MIA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Tue, 15 Aug 2023 12:50:04 GMT
cs
cs.yellowblue.io/ Frame A9F5
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LLAVGYIH-G-GET7
  • https://cs.yellowblue.io/cs?aid=11590&id=LLAVGYIH-G-GET7
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LLAVGYIH-G-GET7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
H2
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LLAVGYIH-G-GET7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Expires
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame A17B 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:34:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11540
x-xss-protection
0
server
cafe
etag
10407724091878522853
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 10:34:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame A17B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:34:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 10:34:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A17B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspVGOq3z7P3QuPrsi2yhRGShVr6yGHckYhgaMoFgxWifx1GH1ICRbqRYrU0j0XIR1prkam2IKb7muB4WmgqPEUuinvF6QgQiRoUKWlpp9MnV6QaW-cdjaiXsdl59VByUmq3rewYRlEXBEkfHsFJPP6hr8oB3XxHVXNoJTKAhDeJlLRSuwxkoTv3WimDw-cs85QcBBMflUdKXCDShe-_1fTkxnoLPDyAGpREBkux5Z_x_OGdaCLNJCkMloe-NztcnuDvLHjDeffZZXKCwbJOEzoIoIQWoGCJXvnASve4ySjVzbDSYzGDG0FDVTbuz18xmpQpKM2L51wOdF9MevgftAQ0mJe3chTMWMNSKo6WFvcm2OYrRKl8SY6iIbCy-sFlwwKQtDJY_9nwfXeACRjIwCiuyuX6ym6wLGF7wcJRzGoK6355otzBJeNKi-NLPaKFr7dajUkQ9ZX3USrruZLtDPNBnu30vUV3yj7xt4hxk9F-AcZgpNqwApIB4H8uGDwfaPQpG1HeKnM_xz1cct-Fr1OeKVAse9c-WXBodVR2uJcQHCvKPG38psg_F3ZFpiAuqy1Es2DBo8Ykm7CiYutE_bptGvENymBh6SgZ4f3cuwjxc9oDpfXwnl0qS-if4j3SxpnUgyMCkhkjEahcZBZMR9nIfVlArTiQSPbIZDcFXdki8hm_EVTzUnNZxpbexRPOrnKuZunZFIgs7hZSK3Y4u_c4_K5tx9IKZTh8PqLAV9O05ox3QJDh5bOb34LOOjmi2GKsNJonDkThG5ds_KxQmRZ0FSh9DppeK7qU6C6GnPpnHj8Lz46LinmOqxSUE7ncCm9zMeOGa1UXuhH2PYYchNM_IlvicZie7UsZV5c2kJ5bkIppzHqUhlwaxxX2NX-KG5FA2OBsyXSesgEJ1S5Bu_lgyNsrMuWyLlvAAaYIPgF1QUAqy8yLcABpxv22iNJ8CIluLA6Vi4A2qQEE-QOGYnLeejd2bht2cF3Zle5YMRK5kegf8q0vXj7mqakD4tA1HYneHI61aOKgPIk5yo2M_dnJMUjamRxfL8d_3WoQ0lhiY8Sp4z5_05JEYnBk8eefPsM2oLQHjxsPMqfyNTsCq-MbudbPnLFJ0Jsiu8H9lTzHQkK_2DTDpWPHou55pq68iNGo6eUxxP2WLbLMsnEQ77N6vAwjgVhABTwZz1r91buR5JvJlzbfKv1T7bjoy8HwRUHAzNYrqP9D2i0OC4ekevWFF_JPQz6GSaUAJ1XqozdwJkVD6mi1EOETkYjd-eQwV96QLELmqSAs7hAuTqHLmLeihPGFcjlXI2jFImTrh6t3DHT7A&sai=AMfl-YQG_kpoJ2hbZ1VwzfxyzONum1AM8RcEqcYsmyncAvLs7srGwMH87p3Bvy79IMa6ziLIA5R6j6M-9AcsVQrQpeRe9uHFYZe6grYUZl9KN5UVhL5y8Uto280dqiISG6jfb03skMAcU3ZD495OFQFoMA3pXHsZTsUCwJu_SdyzF0mvxm8iclpknXs24TC_ZbKhGGi4HTSIjAi0E90jodOk_1ZNmLyqxmZ-7vcxk_TUzgXMrHGyEm7i1Ec9f1Ae1CLo3zR9JmkDALMgxkvSGADp0U-m6_6njxelCmla8qhKIdkMkgKTo8ZQlAdX4QV_&sig=Cg0ArKJSzBqCnDiTG02gEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=0&cisv=r20230809.89516&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 14 Aug 2023 12:50:05 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:50:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A17B 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:34:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Aug 2024 10:34:19 GMT
8950135653803379998
s0.2mdn.net/simgad/ Frame A17B 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8950135653803379998
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.166 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f6.1e100.net
Software
sffe /
Resource Hash
b3bac03a5bc56738777270044fbb3533821f7d05b1a754be455e684e39a5f1bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:04:05 GMT
x-content-type-options
nosniff
age
9959
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66393
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 21:35:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Aug 2024 10:04:05 GMT
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=NYPost_Sidebar_native_header&aid=9237777348217432929530&rev=bbfe464&domain=nypost.com&ref=https%253A%252F%252Fnypost.com%252F2023%252F04%252F13%252Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%252F&pr=un&rr=auction&cb=11490
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:50:05 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usync.html
eus.rubiconproject.com/ Frame EC11
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:50:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 14 Aug 2023 12:50:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame AA76 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
8950135653803379998
s0.2mdn.net/simgad/ Frame 7F85 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8950135653803379998
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.166 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f6.1e100.net
Software
sffe /
Resource Hash
b3bac03a5bc56738777270044fbb3533821f7d05b1a754be455e684e39a5f1bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:04:05 GMT
x-content-type-options
nosniff
age
9960
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66393
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 21:35:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Aug 2024 10:04:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 7F85 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:34:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11540
x-xss-protection
0
server
cafe
etag
10407724091878522853
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 10:34:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 7F85 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:34:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 10:34:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7F85 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2XaJbRMcDhRnMh9EoCE41YaRGDknU-R_GhckF2dHQEgpW-J0aylCrnw2FBSt804_NWtlWUfDNEWXbTdb5hqP0_T4oANjAzDCHpNPWmUVY-R2sjK8G6rQjDtNUxWfv24re8e3r-Hw-RbrfXsS8DoEfRwwU8z1wdysQuST0SRVFbOBEHhOimprI4mRVx4-0AvKzF0fiiQIYWRJZhWU4C2rOtp7nZJJzk2NCQFKpd1CTnmThbv2y-RmMxiWp4Ubh3bNGKWmD3v4FBvaFnl3Uu2wAI7kzELMr1ZhBlhR0Toq23wZL6rcQrW9ZR84nh7uq9HVjCGY_tWQbqBF5eThhkpouPBREU9nGwTo2SmGLwaQQFw__8AuKId9V7U4Gc40OUzMv2EFPBBwfLej0FhzA3scwPbt8M2lTRsUhN7v4suFMweLRFsqtAPQ-C9z_LWiATDeEstk6XVPLYYU2r-NnfbPA-1PQR6NGfjKcawe1dpzbQxMJ4_ptKHncQ0xn-q0i7AVZtX3HL3Ac8pH64j0F4KKEwei3FgNG_-ksphrgeS5H6RImtFXdfqVpO_gTR9cVW0cw5f93WaT-DSGu1emGNBg3aZ4jd8WCwwJXxNCQ4SczbyEs6lKR68uB2gT3lUVBybw--i0_wIqBE4PDyuSZQzFL624ztVvvnyTJeZKIQJioN7j9EyQ5d7wTXfZFUAEeCmJq2xIjEMYGDe3c0ucKigsb3wHWhNLmaql-l2CYfaBbAnq6K7Wl_h1e_72eP7nn1LPcWuEnmDpEifWoQmXomiYSCYAonYvT0EPDtuwl-ECgKpolVm54xQ42bglAvAuEJc5HGXLY-kqWy3mztStGcC_eH2ARUM-XkRAMUn33whUCSGefZxNlQEHxmE6OgRVKF9yamWMwwiNxkEsnbW7QZTfZ5YHJ6oHckbt1fczPKYFKHVN-YzHsMTUMP6Vyqn6W3Nlvr2LGBK6nt4nPtZgk-tm3lbImkGS0-D7J9-SKPYL0wafsTIrpAqeY1N9tTviE0DtVVqG-9-uofcYw0i43dAC4JKd7PAAZoPrjGdIzAUhoXRKfYiFOU-gtk_lXfiQtQcX2CUuHZlbh0pwZmS02aZ3CIg1tr3Doi-VP0qdYa2_BZNWjjrCqgajfFaiyyndcnOgIQhfbbxJIZheED3TK-JiRMCmDmaJPE98dyCnJQgBqWeGsbbjXD5v5XZ3brc1aHEGbH8N38pvCEFtofEIjRlq12gJ1SaWJYUh_Hp0Dvel0nWpDLod1Hh2QA0WP4KXE_D9BcErQMf3O8kvmhiIU5g4f-JY0-trzrZfoE7OV-Q0ENGU_gMc&sai=AMfl-YSTLgUInCsufSct6rfWGTUEJT5iSvW0rW2qbxBFDZD3IUvpCX4bBNnIoh-yU8gRzwSQRWaNmj8B5z0uNdJtcwTajaJzttD5mybst-Uc5DSNXucnAiLTgIz1zl_PkNOSi9nfD-kcRoo2QHoOFgnSNIm_As0dL9RA5ZAfnprIPsji5umgaEh99o7zhBk8ia9vALCDtyF1oPgXAJDuJmGDmhlh_e8swOOzD7eizaZkg5a2zZAn00Ja-Z8hASKOKVP3S7KWE4f0fYE5r2YPWsgOl4bVlIMLr3cMJdqU5wO8UaBrilsp7Ic8Y0eq86YQ&sig=Cg0ArKJSzCbcB79cnT2EEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=6&cbvp=1&cstd=0&cisv=r20230809.31591&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 14 Aug 2023 12:50:05 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:50:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7F85 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:34:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Aug 2024 10:34:19 GMT
setuid
ib.adnxs.com/prebid/ Frame E96E 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=689661242672352996219
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
an-x-request-uuid
d877bf21-91a1-4159-b0fb-f468b9f430ae
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame E96E 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=689661242672352996219
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
an-x-request-uuid
07c9c643-dc9d-458e-98ee-cc246aacc9c0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame E96E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:50:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4&dongle=d54f&gdpr=0&gdpr_consent=
Date
Mon, 14 Aug 2023 12:50:06 GMT
Connection
keep-alive
X-CI-RTID
3da0f5c7-2e39-48af-b5a6-02ff772dca62
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame E96E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4086215225291572915&dongle=d407&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=4086215225291572915&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:50:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=4086215225291572915&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame E96E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=JJ-Bcr2ZgPSZovj0FZ9P&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JJFC2QTDOIZFU...
0
0
xuid
eb2.3lift.com/ Frame E96E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69&dongle=4430
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:50:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69&dongle=4430
Date
Mon, 14 Aug 2023 12:50:06 GMT
Connection
keep-alive
Content-Length
139
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame E96E 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.143.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-143-1.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:06 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame E96E 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.143.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-143-1.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:06 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame E96E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 14 Aug 2023 12:50:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame E96E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=689661242672352996219
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:50:05 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
event-stream
k.p-n.io/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=lGrO4sEYCy0zUu2DRBSBxuOWIGo8lGqPv8wE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.23.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-23-46.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 12:50:05 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
cks
cks.connatix.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dIndex%26api-tier%3d1%26uid%3d&gdpr=0
  • https://cks.connatix.com/cks?pid=17&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Index&api-tier=1&uid=ZNoi9Ggn7zBNSI16aEKdmQAA%263515
139 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=17&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Index&api-tier=1&uid=ZNoi9Ggn7zBNSI16aEKdmQAA%263515
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96285d56ec02524ddf8a4d1a45a0a0afbd105282e56303275a0004c6c2fe0752

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952627d602887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cks.connatix.com/cks?pid=17&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Index&api-tier=1&uid=ZNoi9Ggn7zBNSI16aEKdmQAA%263515
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dBeeswax%26api-tier%3d1%26uid%3d{userid}&gdpr=0
  • https://cks.connatix.com/cks?pid=15&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Beeswax&api-tier=1&uid=AABFCk7JtEYAACVAbz7Dsg&gdpr=0
132 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=15&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Beeswax&api-tier=1&uid=AABFCk7JtEYAACVAbz7Dsg&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a977b16bc5be2dc40ea61d5a5ff8244abcb824bc9fa2c7d81ed1e8bc1a169a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952628d752887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=15&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Beeswax&api-tier=1&uid=AABFCk7JtEYAACVAbz7Dsg&gdpr=0
Date
Mon, 14 Aug 2023 12:50:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
  • https://cks.connatix.com/cks?pid=19&uid=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttl=1694609405
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttl=1694609405
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2340482e7f3f5c28febe39596266b4f7e2a91d39e57652b737f6c844ec0c552

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952627d692887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cks.connatix.com/cks?pid=19&uid=885e676c-3a70-45fe-acfc-e7ad294a43e8&ttl=1694609405
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
213
cks
cks.connatix.com/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=67&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d21%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dAmobee%26api-tier%3d1%26uid%3D%23USER_ID%23&gdpr=0
  • https://cks.connatix.com/cks?pid=21&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Amobee&api-tier=1&uid=4086215225291572915
129 B
241 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=21&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Amobee&api-tier=1&uid=4086215225291572915
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d2a8b875091b09a99fcf7db07ee04dd3b7059fd3cf80d695517ed8d2fb9306e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952627d672887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=21&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Amobee&api-tier=1&uid=4086215225291572915
pragma
no-cache
date
Mon, 14 Aug 2023 12:50:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cks
cks.connatix.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d25%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dTripleLift%26api-tier%3d1%26uid%3d%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=25&ev=fddb0e4239674cab881846b90d9a1b4b&pname=TripleLift&api-tier=1&uid=689661242672352996219
131 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=25&ev=fddb0e4239674cab881846b90d9a1b4b&pname=TripleLift&api-tier=1&uid=689661242672352996219
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a772ae382ed63d0ff9066f79ca6066847deede42ea279bb1a4e7b403e2adeb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952627d662887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=25&ev=fddb0e4239674cab881846b90d9a1b4b&pname=TripleLift&api-tier=1&uid=689661242672352996219
date
Mon, 14 Aug 2023 12:50:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dAppNexus%26api-tier%3d1%26uid%3d%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=6&ev=fddb0e4239674cab881846b90d9a1b4b&pname=AppNexus&api-tier=1&uid=6125384915149995829&gdpr=0
128 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=6&ev=fddb0e4239674cab881846b90d9a1b4b&pname=AppNexus&api-tier=1&uid=6125384915149995829&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacfe6ca991f962d8d1b38354172fdf8d2c2a7761b07cf9fc7099c165f2e78c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952628d772887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
an-x-request-uuid
3049a48b-63bd-43eb-a212-5cb92bba1662
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cks.connatix.com/cks?pid=6&ev=fddb0e4239674cab881846b90d9a1b4b&pname=AppNexus&api-tier=1&uid=6125384915149995829&gdpr=0
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 8A81
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:50:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 14 Aug 2023 12:50:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
server
AkamaiGHost
/
de.tynt.com/deb/ Frame FD1B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3dfddb0e4239674cab881846b90d9a1b4b%26DemandPartnerN...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3dfddb0e4239674cab881846b90d9a1b4b%26DemandPartnerName%3d_3...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3dfddb0e4239674cab881846b90d9a1b4b%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X&gdpr=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
6162dd71cc216b9acc8dee776de2d410e90c08de94d85965e608da04c4a431fd

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2207
content-type
text/html
date
Mon, 14 Aug 2023 12:50:05 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 14 Aug 2023 12:50:04 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3dfddb0e4239674cab881846b90d9a1b4b%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X&gdpr=0
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8340000A
userSync.js
ads.pubmatic.com/AdServer/js/ Frame 8C8F 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:05 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 06:09:39 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=140602
accept-ranges
bytes
content-length
2358
expires
Wed, 16 Aug 2023 03:53:27 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d13%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dPulsePoint%26api-tier%3d1%26uid%3d%...
  • https://cks.connatix.com/cks?pid=13&ev=fddb0e4239674cab881846b90d9a1b4b&pname=PulsePoint&api-tier=1&uid=5TsF0pv5gg6c
122 B
236 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=13&ev=fddb0e4239674cab881846b90d9a1b4b&pname=PulsePoint&api-tier=1&uid=5TsF0pv5gg6c
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca00caa096b2a33320843576a1132c745df4c6aeae3cf74410e562d4a2ff7a5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952628d7a2887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cks.connatix.com/cks?pid=13&ev=fddb0e4239674cab881846b90d9a1b4b&pname=PulsePoint&api-tier=1&uid=5TsF0pv5gg6c
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f79b8d6bf-rnvd6
expires
-1
cks
cks.connatix.com/
Redirect Chain
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d28%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dCrimtan%26api-tier%3d1%26uid%3d%5Buser_id%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=28&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Crimtan&api-tier=1&uid=070766d5b6024d57be3bf3175c375e95
142 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=28&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Crimtan&api-tier=1&uid=070766d5b6024d57be3bf3175c375e95
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51176aace8cc2d70bb4363c340721521ccd6b64d483ad0275af4a1aa075b8dfc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952628d782887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cks.connatix.com/cks?pid=28&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Crimtan&api-tier=1&uid=070766d5b6024d57be3bf3175c375e95
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d18%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dLoopMe%26api-tier%3d1%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
  • https://cks.connatix.com/cks?pid=18&ev=fddb0e4239674cab881846b90d9a1b4b&pname=LoopMe&api-tier=1&uid=d3b0ff90-af00-45c0-8b53-51476465188b&pubid=11186&gdpr=0
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=18&ev=fddb0e4239674cab881846b90d9a1b4b&pname=LoopMe&api-tier=1&uid=d3b0ff90-af00-45c0-8b53-51476465188b&pubid=11186&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a30bc832f9e95a6611f8642798e66637e5637b6b1f66ad48c2005f2d8dbe33b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952628d742887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=18&ev=fddb0e4239674cab881846b90d9a1b4b&pname=LoopMe&api-tier=1&uid=d3b0ff90-af00-45c0-8b53-51476465188b&pubid=11186&gdpr=0
date
Mon, 14 Aug 2023 12:50:05 GMT
server
_
content-length
0
712202.gif
id.rlcdn.com/ 		42 B
60 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.rlcdn.com/712202.gif?cparams=fddb0e4239674cab881846b90d9a1b4b&gdpr=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cks
cks.connatix.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dCentro%26api-tier%3d1%26uid%3d{userId}&...
  • https://cks.connatix.com/cks?pid=9&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Centro&api-tier=1&uid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0
159 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=9&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Centro&api-tier=1&uid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f53c80a725351dcb34aadc916fd1307993af19d79080c8902dba3f5725d56987

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952628d732887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cks.connatix.com/cks?pid=9&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Centro&api-tier=1&uid=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
partner
sync.search.spotxchange.com/ 		0
0
cks
cks.connatix.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d39%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dYieldMo%26api-tier%3d1%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=39&ev=fddb0e4239674cab881846b90d9a1b4b&pname=YieldMo&api-tier=1&uid=3miJdzzTTJz59jIHRbNE&gdpr=0
130 B
244 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=39&ev=fddb0e4239674cab881846b90d9a1b4b&pname=YieldMo&api-tier=1&uid=3miJdzzTTJz59jIHRbNE&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464ebe51a3d3b0a1d0fa645a63fb49a5689d0819fb19720e6e972127359df587

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952628d702887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cks.connatix.com/cks?pid=39&ev=fddb0e4239674cab881846b90d9a1b4b&pname=YieldMo&api-tier=1&uid=3miJdzzTTJz59jIHRbNE&gdpr=0
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=fddb0e4239674cab881846b90d9a1b4b&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d5%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dTel...
  • https://cks.connatix.com/cks?pid=5&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Telaria&api-tier=1&uid=ce073d04b8f7443b931f017feaf2089e
141 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=5&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Telaria&api-tier=1&uid=ce073d04b8f7443b931f017feaf2089e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc3dd5008414b00c1eafae79784703f8943b59025430b2c934c609bfe22891c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952627d6b2887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=5&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Telaria&api-tier=1&uid=ce073d04b8f7443b931f017feaf2089e
date
Mon, 14 Aug 2023 12:50:05 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
us
capi.connatix.com/core/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=ff903db512675bdfecee7da554e85&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
0
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=ff903db512675bdfecee7da554e85&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f69526248b031de-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:05 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=ff903db512675bdfecee7da554e85&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1692017405678029-318
sync-iframe
cs-server-s2s.yellowblue.io/ Frame CC54 		676 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.169.215.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-215-20.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
50edc908c356840c9b7a0542c960bfe76ec529c182d698dd49c137b68c8a2498

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
content-length
676
content-type
text/html
date
Mon, 14 Aug 2023 12:50:05 GMT
server
istio-envoy
x-envoy-upstream-service-time
4
cks
cks.connatix.com/
Redirect Chain
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=fddb0e4239674cab881846b90d9a1b4b&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d34%26ev%3dfddb0e4239674cab881846b90d9a1b4b...
  • https://cks.connatix.com/cks?pid=34&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Colossus&api-tier=1&uid=06bd7121-f814-4f9b-97d4-c7fa7b122477
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=34&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Colossus&api-tier=1&uid=06bd7121-f814-4f9b-97d4-c7fa7b122477
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
528e44f480dc7876814c1741a61e0848ba17d4aac33862afc3eb6544dde3dae2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952627d6e2887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:05 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://cks.connatix.com/cks?pid=34&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Colossus&api-tier=1&uid=06bd7121-f814-4f9b-97d4-c7fa7b122477
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cks
cks.connatix.com/
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dSundaySky%26api-tier%3d1%26uid%3d%24{ssky_uuid}&gdpr=0
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dSundaySky%26api-tier%3d1%26uid%3d%24{ssky_uuid}&gdpr=0&_...
  • https://cks.connatix.com/cks?pid=1&ev=fddb0e4239674cab881846b90d9a1b4b&pname=SundaySky&api-tier=1&uid=d6.c6d18bf56ac3495a947d70c47ef8dd85
144 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=1&ev=fddb0e4239674cab881846b90d9a1b4b&pname=SundaySky&api-tier=1&uid=d6.c6d18bf56ac3495a947d70c47ef8dd85
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f54d8a75a5931e0089161aeab1724055e53d1b4e187911d764dd69ca19babbf1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:09 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f695269febd2887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=1&ev=fddb0e4239674cab881846b90d9a1b4b&pname=SundaySky&api-tier=1&uid=d6.c6d18bf56ac3495a947d70c47ef8dd85
date
Mon, 14 Aug 2023 12:50:08 GMT
x-content-type-options
nosniff
content-length
0
x-frame-options
DENY
x-xss-protection
1; mode=block
cks
cks.connatix.com/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d35%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dResetDigital%26api-tier%3d1%26uid%3D%24USER_I...
  • https://cks.connatix.com/cks?pid=35&ev=fddb0e4239674cab881846b90d9a1b4b&pname=ResetDigital&api-tier=1&uid=00000109DACCAD8C
126 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=35&ev=fddb0e4239674cab881846b90d9a1b4b&pname=ResetDigital&api-tier=1&uid=00000109DACCAD8C
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73c084e1dc6a9a42ecba9e4107c3fbe171b23a6993f74db4fa3b3fddac992ba7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952628d712887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=35&ev=fddb0e4239674cab881846b90d9a1b4b&pname=ResetDigital&api-tier=1&uid=00000109DACCAD8C
date
Mon, 14 Aug 2023 12:50:05 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
content-type
text/html
cks
cks.connatix.com/
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d29%26ev%3dfddb0e4239674cab881...
  • https://cks.connatix.com/cks?pid=29&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Adelphic&api-tier=1&uid=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4
146 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=29&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Adelphic&api-tier=1&uid=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2747aa72f214695477ed5e0e6e5db06d84a911e083a46eb7c7d01edb3fcb36e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f6952627d642887-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

Location
https://cks.connatix.com/cks?pid=29&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Adelphic&api-tier=1&uid=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4
Date
Mon, 14 Aug 2023 12:50:05 GMT
Connection
keep-alive
X-CI-RTID
c34f9458-0e3e-4bdb-bd0c-040c16ee0a67
Content-Length
177
Content-Type
text/html; charset=utf-8
us
capi.connatix.com/core/
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&source=connatix&uid=fddb0e4239674cab881846b90d9a1b4b&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d26%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pn...
  • https://cks.connatix.com/cks?pid=26&ev=fddb0e4239674cab881846b90d9a1b4b&pname=Synacor&api-tier=1&uid=2129E09A41B14F3196FBE4892007BDC9&direct=1
  • https://capi.connatix.com/core/us?DemandPartner=26&DemandPartnerUserId=2129E09A41B14F3196FBE4892007BDC9&UserId=&tier=1
0
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?DemandPartner=26&DemandPartnerUserId=2129E09A41B14F3196FBE4892007BDC9&UserId=&tier=1
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f695267a86f31de-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 14 Aug 2023 12:50:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
location
https://capi.connatix.com/core/us?DemandPartner=26&DemandPartnerUserId=2129E09A41B14F3196FBE4892007BDC9&UserId=&tier=1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
7f6952627d652887-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
us
capi.connatix.com/core/ Frame 8C8F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3dfddb0e42...
  • https://capi.connatix.com/core/us?DemandPartner=8&UserId=fddb0e4239674cab881846b90d9a1b4b&DemandPartnerName=OpenX&tier=1&DemandPartnerUserId=60710af9-0165-4f6b-a934-3c2d28b54bfb
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=8&UserId=fddb0e4239674cab881846b90d9a1b4b&DemandPartnerName=OpenX&tier=1&DemandPartnerUserId=60710af9-0165-4f6b-a934-3c2d28b54bfb
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f695257fa6731de-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 14 Aug 2023 12:50:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://capi.connatix.com/core/us?DemandPartner=8&UserId=fddb0e4239674cab881846b90d9a1b4b&DemandPartnerName=OpenX&tier=1&DemandPartnerUserId=60710af9-0165-4f6b-a934-3c2d28b54bfb
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame 8C8F 		0
0
report
capi.connatix.com/us/google/ Frame 8C8F
Redirect Chain
  • https://capi.connatix.com/us/google/pixel?tier=1&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=ZmRkYjBlNDIzOTY3NGNhYjg4MTg0NmI5MGQ5YTFiNGI&extra1=fddb0e4239674cab881846b90d9a1b4b&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix....
  • https://capi.connatix.com/us/google/report?extra1=fddb0e4239674cab881846b90d9a1b4b&gdpr=0
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/google/report?extra1=fddb0e4239674cab881846b90d9a1b4b&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
7f69525edc7e31de-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://capi.connatix.com/us/google/report?extra1=fddb0e4239674cab881846b90d9a1b4b&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4890
prebid.a-mo.net/cchain/2/ Frame 695E
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_46728c7c51484919aba18
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F4890%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50478a0...
  • https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZ...
919 B
461 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
5920678648db4b6996fdf65c133bf9edc5825a2525018e77cd1be056e2fdabc6

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
429
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:05 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 08:34:33 GMT
location
https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
4890
prebid.a-mo.net/cchain/2/ Frame A5B2
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=K2fFfi9hxykwYpMvJDWMLiQ1kywwY5UufGq4dhFk
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F4890%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50478a0...
  • https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZ...
919 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
5920678648db4b6996fdf65c133bf9edc5825a2525018e77cd1be056e2fdabc6

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
429
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:05 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 08:35:10 GMT
location
https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
4890
prebid.a-mo.net/cchain/2/ Frame 38D6
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F4890%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50478a0...
  • https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZ...
919 B
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
5920678648db4b6996fdf65c133bf9edc5825a2525018e77cd1be056e2fdabc6

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
429
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:05 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:05 GMT
location
https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
4890
prebid.a-mo.net/cchain/2/ Frame 2355
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=aGQZVP-FWKlwqApFxMElgCaEdkU&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F4890%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50478a0...
  • https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZ...
919 B
461 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
5920678648db4b6996fdf65c133bf9edc5825a2525018e77cd1be056e2fdabc6

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
429
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:05 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:05 GMT
location
https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 7167
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:b7GxuppY1Qvx1d5&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:b7GxuppY1Qvx1d5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 14 Aug 2023 12:50:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 14 Aug 2023 12:50:04 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:b7GxuppY1Qvx1d5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0ab0ff645374717b0@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 63B7
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=4976a760-2c51-4709-ab97-9734bb064b72&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=68531A78-C812-44CF-A2C6-1C611A476111
42 B
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.185.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-185-242.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:05 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:04 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=68531A78-C812-44CF-A2C6-1C611A476111
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync
usersync.gumgum.com/ Frame BB6A 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:05 GMT
Expires
0
Pragma
no-cache
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame A8B5 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:05 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
17eeb690-3aa1-11ee-a41d-02b039773fd7
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-017c2ea39f007a0d9
362358.gif
idsync.rlcdn.com/ Frame A8B5
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPdxJRs8PtM3FvV6x6ALtUk&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPdxJRs8PtM3FvV6x6ALtUk&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPdxJRs8PtM3FvV6x6ALtUk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=68531A78-C812-44CF-A2C6-1C611A476111/gdpr=0/ Frame A8B5 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=68531A78-C812-44CF-A2C6-1C611A476111/gdpr=0/gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.126.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-126-51.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.13.54
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame A8B5 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:05 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
x.bidswitch.net/ Frame A8B5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://t.pswec.com/bsw_sync?ssp=pubmatic&bsw_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=pubmatic&bsw_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=72e3f5f2-3329-4388-a3c9-21dc461f90f0&expires=3&user_group=1&ssp=pubmatic
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame A8B5
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_12bd8522-3aa1-11ee-a1cc-125335d52042&gdpr=0
42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_12bd8522-3aa1-11ee-a1cc-125335d52042&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 14 Aug 2023 12:50:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_12bd8522-3aa1-11ee-a1cc-125335d52042&gdpr=0
date
Mon, 14 Aug 2023 12:50:05 GMT
content-type
text/plain
sn.ashx
pmp.mxptint.net/ Frame A8B5
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_10765A342_12CAFEAE&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
38.68.201.140 Levittown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-375022208; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:07 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-375022208; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 14 Aug 2023 12:50:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame A8B5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=
42 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 14 Aug 2023 08:35:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:05 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
onetag-sys.com/usync/ Frame 672A 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
8950135653803379998
s0.2mdn.net/simgad/ Frame 06C0 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8950135653803379998
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2006 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3bac03a5bc56738777270044fbb3533821f7d05b1a754be455e684e39a5f1bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:04:05 GMT
x-content-type-options
nosniff
age
9960
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66393
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 21:35:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Aug 2024 10:04:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 06C0 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:34:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11540
x-xss-protection
0
server
cafe
etag
10407724091878522853
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 10:34:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 06C0 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:34:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 10:34:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 06C0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstg7BZtbczcjWtjPgsOc-994Wzl9Fb3Gjn52IORA0jrqtZaY7jXY_kPiD9UM8nlGWCqMYC4KbwAf7xQUPT6200gVyvBwpe1Vw6pKLEM4-zYF5X73dhLT604s4bZsriUFUt1B39EqRh8qMMk50e_9ZOVukv9bRMrrjWRTzOp9swyEPIVbSc1M5I7o25q9VZttk9CLplSD8yfx1OKuNEPcZ6ZszyEmTbYkBMSKMXxU8OvRsOS2VVHIcZpD93oltYYg2Ja2mPfQTfWeq9oYHhhoaSSuqUH15OwxvUPLM-AONlm0TQmqGqnmryTNpV8PPZQmWTqf1oz0h0_Icxv56iemeM4wmJH07KJW8Z4hMi_y4YekT6cBnG1fPr1Cf5uATvyIlpHo7Kjv-2lw-VW3_aOju0vnLrAw2vDv0cZm7dHJQPN_HaE4wgsbCaeffqNR0I_ovCiETLu1BNFqX_rm25n5x-j3Lhh0KKPPztm2kgnxJf8Bow2K277iXLZ6eU0rFyKd1pZ_Z3CUXGwfeIanFwLhPp_HQqmdfZ3X59_p7k7tsWdsnpq64ELP9i8G90c-GzcSX_AVLDd6auW4q7Qd7n1HNr9SMVwyALFcvdTsaj2a7qolvWpFrMdo4tB_XAEot-EixJYERAXpBcQ69QqTOu4TYfvUoKZ7awX8zcTz5v1ijqBrlcJfxpyC56wXzIKbgt7WWve-4ls06f_4J1XWkcwk_ALL3X3XTWQJE1JTlgqSc0Gd3QamOMUysR1fa7288R_Fi_q7A56nSQ3AdCHrHb4GOGB_Q-V1mtOIc9mK-TTWzpbT_xXp_7IuDY-QySIMCGNk6KahCEo0aMjawcfQbyWwcqOiH2nkZAo2z1V3ASCI6fReYjgdlfr3-azsqlIluNmvToYH9dVkHs880jzMdEZ716_0TbmRAY6M26sP8OfYN9up-w7jgMVgl2yauXEnOoAUNn_0YKCLT_VSlrxTNQQg5kR0-BfDJa6ZFcjN6rKGblyXOIaHUmjLqkNqfyePHj_KSAjWbNHMWf-kUf9sf502uO0VnCtjyO9U35H1tewsBmxfdoYfOKQw_ZTQ0YxBbEybOKXZyUB4ysS6OjACTWibG2sAVTnNscnoBdNQtJ9RfUT071Pamn8gkb4V4zLrTpXwdn_nz85XbS2tkCRWDsba2hYnHFXPExjcuuGuswIL3DDrTkw-8NUmgLffJtaTEzMmx_-BAKbMHYofan-99lgbRU5WBpjISEiwoauh6VwQUfy_OGxoXNo9O86LnXELBFX0TJg-jwbkVQuoAbWxyrJWC6eKSR6nIvJQZbyHj2lxJZJ&sai=AMfl-YRSK2mKT_0lFsCwWsjPNgXVKua5pG7HusG_9fK73M8IeVPA-xiOh_OlRCcfREuM-uQBGkQ5seEbrpFHFoXGn98SDeLQiuCkRF1i7p3g1RkIHeJbkArGMhZzT3854HP_9srlXJ9279sIIOFn0s93madRXs5XNLFrXXRcuodjDI1aMKkgh5QJjbaWf5vvnH8BcD01ygkuGj5akXrSDPc_JdbVsybtPRPZfG01hiZO2KkwvILqn53BlLkyYUzS76HiGipwMtmh7Gs5CYhdla1Quri0UmKBw7ix3Joy_3H2WA_uFKbzkR6KUzu9fbLP&sig=Cg0ArKJSzEZdduxhrDqgEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=1&cisv=r20230809.81838&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 14 Aug 2023 12:50:05 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:50:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 06C0 		41 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:34:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Aug 2024 10:34:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1E18 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
7953
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:37:32 GMT
etag
48472445140208031
expires
Tue, 15 Aug 2023 10:37:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame A761 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:34:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11540
x-xss-protection
0
server
cafe
etag
10407724091878522853
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 10:34:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame A761 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:34:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 10:34:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A761 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssbGdpgPQBRciChit3bLu1Sa_lxAyx7B6BPe6OrOuzCxoANuDjOKMJeIBH9qBkqiGswVvzVhbZM2mBNH9z-7wNN6J7vL78aHVIF9RL6z1dHmfrZxqqSV6XXuwr10OqGsLf4VA56BGVy2FYlo0DJetc3J_20ZagOQXBhfpYW_c2uayvodTjdpIVcErQWDhcgOcN_912lWoRrsy6rrQBI3xOCJRM9YMCZHe9HQBEgtyoDAcQtY9yytCyxImdaw0LPsmCuyRcBtpKmEpGvT3kHZumlGYmLcfIX7ZJvGeAFlxFPJxZWQl3BWNv-D5BJ_mdiJxmdT5M4tNTj7aDT2hb7raQGJBZ4xeSDt85s-eUoU7jCplogDcS7iX2zTmAapPV4YK9pjTn-pUB2o2GbcvTeytYFo07eXojID51Um87qoQ8WA5k7Zhv0wKmpNgnFFiojJw-H69yiVtH2PwuK7DXb8uwf17J_8-3buuF_oqjm-57rCsgzBH1KN3w5SCQ8bRrAU-qWhp1wSBoq3BlJLJHf6e78mL7dD-h0LLXSRYlyK0XWgbb4pq8VV8V8zRh5Hp3eN-_r5qXUCJlrAc2RoRVqsHFyGOWfORqS83M4wnTAbclDo7evB49YDUcIicJ4fXAvuLdPn9ggs7gnFe_DBz0rN2aaToVebqZ7jiSjCu_qSa5dVR5io57BQHoSWLdbzWUUe-bI5HWrNAA_dOgW9oincAeytE_tKmTbJfk8BExXV6ZKpET-fgGo3LvleX4FfOLqQHqfjec5vWXuacDyb8eUNFrDTupuSDkZQochJmdAEFSCNKRaz9laAIuKFhUCwYQqiZQRky2K5b0mPT-3gSe_EIY3Se0_I1L3JPVsn1YUfXR7IRt2Kf_BqZqU-kXbWjJjicRQ2LuvAQLhO7VUXuEGBsrzQN2H5sYw4xxN5Qk5l7G1-yIPkr4udO_O650BfHM2Wrh2JyM_atuhrreFUj0qUkc7Gom_cfexJDrD_VS7_IUFuqLuINX9clhZQ8iYm9XhuMh4L9MZdkb3RPxefdYhlWxYkhQUEXJjiSkAyfJWcsJOC6vbbhGhwk9JSnbv3eEaKJjcMsbj0cckwzdXZBSDH8bGrVvEdxurriAHuX48nVolbNU6LkavHqs2AFTLmCMEnwkKD2xv8z4SiE3FW0XVFu9FYY3v0pN40i5LTsdU8_afcUwaJL3CF756DmV8pM6nGz1sLlI_f6AjspjudwvzV4GnC38lPnJk3Ft7umeQaO9FGvBliZn36r8894UQukiZpLk4DqXAr2la4KY34P1whnTSsYCzxr4uVjuM50tOzgdhXbf2qQ&sai=AMfl-YRyGcf6aaWY1ohzPcUQSdajtoDcg7oHr-s2HCsWGgNK8j_oaXGFkWYAbkf8WcsTQjjTnW3Myfp8-Mr7CG8IaiwX5CXtoEyplGpMpV5PSKvRey7VExAxwHl2T45DTftgfsGxPwdRNiun2meX-xE-euZaliCGp1X68mXwUEHe1Y4icsGX7vL_9ZO4FVI4wFuaA-ZkAM2eCzzFtWek9b9ZFEpw62eoYBdGw44qAa69dbjagVRc2b8dQFrRbVmqvXk8TUPn3qj14aN2jxYXPXRww7g31x9iNlUpg0x1cBvYV11HcfW-jrD75fLHLmnu&sig=Cg0ArKJSzAhIBbkGmRCGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20230809.63372&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 14 Aug 2023 12:50:05 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:50:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A761 		41 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:34:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Aug 2024 10:34:19 GMT
6385199223177219897
s0.2mdn.net/simgad/ Frame A761 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6385199223177219897
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2006 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db1981be22673e5790a92b01d69a58e44cde6da72e74dd655c8306ba550e48b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 16:40:59 GMT
x-content-type-options
nosniff
age
331746
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87089
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 16:55:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Aug 2024 16:40:59 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6A7E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
7953
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:37:32 GMT
etag
48472445140208031
expires
Tue, 15 Aug 2023 10:37:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7F85 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f2f38673f92650aca0a73abea2cdb36fd3e9c8d9ac3ad3adc1c4c212c93908b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
PugMaster
image6.pubmatic.com/AdServer/ Frame A8B5 		311 B
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42110864&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
51007da9a4b314714c54327142ca37d1d77cc6386e63342e53e1017d72953e50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 14 Aug 2023 12:50:04 GMT
content-length
311
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame EC11 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79174ee77b6396cce4fcb7cb25caa2eef27936e6d5dc920a88ea4dfe47e179cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Aug 2023 09:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75181
Connection
keep-alive
Content-Length
10116
Expires
Tue, 15 Aug 2023 09:43:07 GMT
6_media.bin
vid.connatix.com/pid-8ae371c3-0e93-499d-a72c-f743029599b4/60764267-557e-410f-85cb-f102d92ee134/c7a5dbe6-871a-4dee-b75e-a557904de08d/ Frame 8C8F 		500 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-8ae371c3-0e93-499d-a72c-f743029599b4/60764267-557e-410f-85cb-f102d92ee134/c7a5dbe6-871a-4dee-b75e-a557904de08d/6_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd674114f5bfac6da7d95223aeb8afc1468211b3f9c5db7b4abbc8f4fd8ebf4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:06 GMT
content-encoding
br
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 04 Aug 2023 08:54:19 GMT
server
cloudflare
etag
W/"345d7bd7e858f02337b5d0f9ff6f7599"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
*
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
7f695254ca3f8df0-MIA
access-control-allow-headers
range
xpid
8ae371c3-0e93-499d-a72c-f743029599b4
expires
Tue, 13 Aug 2024 12:50:06 GMT
insights.bin
ins.connatix.com/437e6cc0dd37dcb2a8e67c567d10eeb7/ Frame 8C8F 		468 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/437e6cc0dd37dcb2a8e67c567d10eeb7/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e61149224364185510140a22c17735023300f0731d3718f52439ffd7cb4e09

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Apr 2023 11:53:20 GMT
server
cloudflare
etag
W/"a327df3debdb75ebbace9365a1fb967e"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary
Accept-Encoding
cf-ray
7f695254dcac6daa-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 13 Aug 2024 12:50:06 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 08FC 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:15:10 GMT
content-encoding
gzip
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
2097
etag
W/"0c967603b7e4d32b78b7ca772270a5c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
e23UOOgzetufzs_zQhOW434ZYBKaIswz-r95AeCQXbhIj565jHX1-w==
PugMaster
image6.pubmatic.com/AdServer/ Frame BEEC 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66761936&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 14 Aug 2023 12:50:05 GMT
content-length
47
content-type
text/html; charset=UTF-8
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
observe.aniview.com/api/adserver/tag/ 		30 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://observe.aniview.com/api/adserver/tag/?AV_SUBID=770&AV_CDIM1=AR_3%23FMS_CP_1&AV_UID=1f540418900875db86133ee7ff09261b&AV_CDIM2=11741-89554-81574&AV_CDIM3=5192484&AV_CDIM4=footer&AV_CCPA=1---&AV_CDIM5=11741-89554-81574%2C12756-0-&AV_CDIM6=undefined&AV_SCHAIN=1.0%2C1!outbrain.com%2C004212d4e187697bc2ce1a454fa06c19d2%2C1%2C%2C%2C&AV_SECURED=1&AV_DNTCHECK=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&AV_CHANNELID=5b50b14e28a0613c4969bad3&tgt=0&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=3&AV_GPID=/58a5addb28a0612d3529bc5e/5b50b14e28a0613c4969bad3/nypost.com&d36=6.2.119&responsive=1&sver=4&avtoken=406620&omv=1.0.1&clsid=82397c33-8b72-4724-add7-ecf81adc531d&rando=71&AV_WIDTH=728&AV_HEIGHT=409&AV_CCPA=1---&AV_DNT=0&cb=1692017406626&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.39.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-39-216.compute-1.amazonaws.com
Software
/
Resource Hash
8724e163f7c61a4290b6bf50e9a6680aba5f5eb7b14e21fef82b905f4b1127a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:06 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 02 Aug 2023 23:03:26 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=nypost.com&sn=770&cd1=AR_3%23FMS_CP_1&cd2=11741-89554-81574&cd3=5192484&cd4=footer&cd5=11741-89554-81574%2C12756-0-&cd6=undefined&ic=0&tgt=0&app=&wi=728&he=409&test=&d36=6.2.119&apppkg=&fv=3&proto=https&clsid=82397c33-8b72-4724-add7-ecf81adc531d&rando=71&pid=58a5addb28a0612d3529bc5e&cid=5b50b14e28a0613c4969bad3&stagid=&stplid=&e=inventory&vi=0&cb=1692017406624
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.193.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-193-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 7F22
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188718189332721
42 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188718189332721
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 14 Aug 2023 08:22:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 14 Aug 2023 12:50:06 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188718189332721
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
s.amazon-adsystem.com/ Frame 2A4B 		43 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=68531A78-C812-44CF-A2C6-1C611A476111&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EQQSAKR3GNMZ20D47F2J
ImgSync
image8.pubmatic.com/AdServer/ Frame 3F7F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCRkNrN0p0RVlBQUNWQWJ6N0RzZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABFCk7JtEYAACVAbz7Dsg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8978801468337922557&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AABFCk7JtEYAACVAbz7Dsg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8978801468337922557%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8978801468337922557&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=A...
  • https://sync.technoratimedia.com/services?uid=AABFCk7JtEYAACVAbz7Dsg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8978801468337922557%26gdpr%3D0%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8978801468337922557&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABFCk7JtEYAACVAbz7Dsg&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 08:22:48 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 5645
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6125384915149995829&gdpr=0&gdpr_consent=
42 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6125384915149995829&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 14 Aug 2023 12:50:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
44a5223b-1197-461a-9be0-93a22d793308
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:06 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6125384915149995829&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame C396
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=17c778fa-3aa1-11ee-969c-688d4aa15bb1
42 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=17c778fa-3aa1-11ee-969c-688d4aa15bb1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 14 Aug 2023 12:50:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Mon, 14 Aug 2023 12:50:06 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=17c778fa-3aa1-11ee-969c-688d4aa15bb1
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-7
ecm3
s.amazon-adsystem.com/ Frame 5381 		43 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
H422M7AXNGEANNTJBH28
insync
thrtle.com/ Frame 01F1
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=68531A78-C812-44CF-A2C6-1C611A476111&vxii_pid=12&vxii_pid1=10067&vxii_rcid=de765c3a-92e4-4cce-bc41-547a1c0e8c53
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=68531A78-C812-44CF-A2C6-1C611A476111&vxii_pid=12&vxii_pid1=10067&vxii_rcid=de765c3a-92e4-4cce-bc41-547a1c0e8c53
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.23.38.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-38-193.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Mon, 14 Aug 2023 12:50:08 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=68531A78-C812-44CF-A2C6-1C611A476111&vxii_pid=12&vxii_pid1=10067&vxii_rcid=de765c3a-92e4-4cce-bc41-547a1c0e8c53
date
Mon, 14 Aug 2023 12:50:06 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 01F1 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 01F1 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.202.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-202-94.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:06 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 01F1 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.165.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-165-221.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 14 Aug 2023 12:50:06 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 01F1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bd84f5ab-78b1-42b1-95ee-05bf6d810cd4&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
15581
rtb.gumgum.com/usync/ Frame 7CE7 		2 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9e327913d98873c4%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.116.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-116-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 14 Aug 2023 12:50:06 GMT
etag
W/"0d736e2d87c176a3eae9126f5ccae42bb"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame 68DA 		1 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1315
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:06 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user-sync
sync.adkernel.com/ Frame D94F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&dsp=629319&t=iframe&uid=ABW-WjS5792nvVMg&us_privacy=1---
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ct=1&ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 14 Aug 2023 12:50:06 GMT
Pragma
no-cache
Server
nginx
cksync.php
contextual.media.net/ Frame CC54 		61 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 12:50:07 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 14 Aug 2023 12:50:07 GMT
us
capi.connatix.com/core/ Frame CC54
Redirect Chain
  • https://cks.connatix.com/cks?pid=24&ev=fddb0e4239674cab881846b90d9a1b4b&pname=IronSource&api-tier=1&uid=V83JJ1Ctkp_s&direct=1
  • https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=V83JJ1Ctkp_s&UserId=&tier=1
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=V83JJ1Ctkp_s&UserId=&tier=1
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Protocol
H3
Server
104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7f69525edc7b31de-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 14 Aug 2023 12:50:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
location
https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=V83JJ1Ctkp_s&UserId=&tier=1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
7f695258499425a1-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
config.json
player.adtelligent.com/exchange_rates/279896/ Frame 4655 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fnypost.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_13401.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d08a462cc6905c4b94c42daaad21ea311687b42726c59022912a614f2ffb564e

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 16 Aug 2023 12:50:06 GMT
date
Mon, 14 Aug 2023 12:50:06 GMT
content-encoding
gzip
last-modified
Sun, 13 Aug 2023 12:02:18 GMT
server
nginx
etag
W/"64d8c64a-857"
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
max-age=172800
x-proxy-cache
HIT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4655 		0
0
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 4655 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D6A7 		1 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
7954
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:37:32 GMT
etag
48472445140208031
expires
Tue, 15 Aug 2023 10:37:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 06C0 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cd5b87f13a06af310cd255c3f25a0fd0d5bc37de6db7a2e4fdd840e5bfc8b64

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
um
sync.e-planning.net/ Frame CF6D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=eplanning_east&khaos=LLAVGYIH-G-GET7
  • https://sync.e-planning.net/um?uid=LLAVGYIH-G-GET7&dc=9bcc91305985f0db&iss=1
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=LLAVGYIH-G-GET7&dc=9bcc91305985f0db&iss=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 14 Aug 2023 12:50:08 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.e-planning.net/um?uid=LLAVGYIH-G-GET7&dc=9bcc91305985f0db&iss=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Expires
0
truncated
/ Frame A17B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aec372219e477fec213219a0d207b00d233b03cc0bc3e2af3840a67f571b9213

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
i.match
a.tribalfusion.com/ Frame AE2F 		43 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f695259cc5d0971-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 14 Aug 2023 12:50:07 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
ImgSync
image8.pubmatic.com/AdServer/ Frame ADBE
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame C080
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
ImgSync
image8.pubmatic.com/AdServer/ Frame F990
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=813726672749
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:06 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 65F9
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUd1690377d3dc46cb9eb3608873b48e4b&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 08:22:48 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 6462
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=446321056
  • https://sync.1rx.io/usersync3/mediamathtest/1508/068264da-22f4-4000-ba14-d06cfa582d66?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame C88A
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-DHGulrLAIK8IuaC_yLaZA
42 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-DHGulrLAIK8IuaC_yLaZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 14 Aug 2023 12:50:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-DHGulrLAIK8IuaC_yLaZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame 14BC 		43 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 14 Aug 2023 12:50:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame 6F5F
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=5807dd2e-7334-4273-9a87-9d6a8300de61
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pub
matching.truffle.bid/sync/ Frame 87DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 14 Aug 2023 12:50:07 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 50A8 		43 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:07 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-84f9fd40ff29@version_1.566
X-core-time
1ms
X-server-arch
v2
ImgSync
image8.pubmatic.com/AdServer/ Frame 96F7
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7453038071703537949&uid=Q745303807170353...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7453038071703537949
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame AEEF
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4F94844F4CC4401AB7330777BA793A74&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
csync
sync.spotim.market/ Frame 0D2D 		43 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:07 GMT
Etag
6727deaf8a61a4e5
Server
Adtelligent
/
bpi.rtactivate.com/tag/ Frame 2B9D 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.187.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-187-16.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:07 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
75145
i.liadm.com/s/ Frame 2B9D 		43 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.70.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-70-212.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:07 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
3
Content-Type
image/gif
qmap
sync.crwdcntrl.net/ Frame 2B9D 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.126.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-126-51.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.40.18
content-length
49
expires
0
/
io.narrative.io/ Frame 2B9D
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:68531A78-C812-44CF-A2C6-1C611A476111
  • https://io.narrative.io/?io.narrative.guid.v2=18afe3b0-3aa1-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:68531A78-C812-44CF-A2C6-1C611A476111
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=18afe3b0-3aa1-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
HTTP/1.1
Server
54.158.247.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-247-65.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:08 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=18afe3b0-3aa1-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:68531A78-C812-44CF-A2C6-1C611A476111
Date
Mon, 14 Aug 2023 12:50:07 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2B9D
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6125384915149995829
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2B9D
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8a39a669-f6cd-41ae-a6c6-5b27ea24ed45&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8a39a669-f6cd-41ae-a6c6-5b27ea24ed45&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: nypost.com
URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 14 Aug 2023 12:50:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8a39a669-f6cd-41ae-a6c6-5b27ea24ed45&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 14 Aug 2023 12:50:07 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
usync.js
eus.rubiconproject.com/ Frame 8A81 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79174ee77b6396cce4fcb7cb25caa2eef27936e6d5dc920a88ea4dfe47e179cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Aug 2023 09:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75180
Connection
keep-alive
Content-Length
10116
Expires
Tue, 15 Aug 2023 09:43:07 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 69B4 		1 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
URL: https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
7955
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:37:32 GMT
etag
48472445140208031
expires
Tue, 15 Aug 2023 10:37:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A761 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a229bc73c5e500f4398e2c6010f0fe3ac37ce33951e659a1c5d935c32f1b4d10

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
/
bpi.rtactivate.com/tag/ Frame 5852 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.187.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-187-16.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:07 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
75145
i.liadm.com/s/ Frame 5852 		43 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.70.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-70-212.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:07 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
3
Content-Type
image/gif
qmap
sync.crwdcntrl.net/ Frame 5852 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.138.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-138-177.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.9.246
content-length
49
expires
0
/
io.narrative.io/ Frame 5852
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:68531A78-C812-44CF-A2C6-1C611A476111
  • https://io.narrative.io/?io.narrative.guid.v2=18b736b0-3aa1-11ee-a591-0a3986670f6f&companyId=673&id=pubmatic_id:68531A78-C812-44CF-A2C6-1C611A476111
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=18b736b0-3aa1-11ee-a591-0a3986670f6f&companyId=673&id=pubmatic_id:68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Server
54.158.247.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-247-65.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 12:50:08 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=18b736b0-3aa1-11ee-a591-0a3986670f6f&companyId=673&id=pubmatic_id:68531A78-C812-44CF-A2C6-1C611A476111
Date
Mon, 14 Aug 2023 12:50:07 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
i.match
a.tribalfusion.com/ Frame 2581 		43 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f69525bad440341-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 14 Aug 2023 12:50:07 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
ImgSync
image8.pubmatic.com/AdServer/ Frame 72EB
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame EB05
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
ImgSync
image8.pubmatic.com/AdServer/ Frame 5DD5
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=813726672749
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 5421
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUa9d32a8716fc4cd59006943d3734bedb&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:06 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 7799
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7562058531
  • https://sync.1rx.io/usersync3/mediamathtest/1508/068264da-22f4-4000-ba14-d06cfa582d66?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 9EDD
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=CCqSsgrGBoOSKSzh_yLaZA
42 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=CCqSsgrGBoOSKSzh_yLaZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 14 Aug 2023 12:50:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=CCqSsgrGBoOSKSzh_yLaZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame 2EE3 		43 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 14 Aug 2023 12:50:07 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 5852
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6125384915149995829
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 873E
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=cad42cac-631a-45c5-8985-91c07a63aac8
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
ads.servenobid.com/ Frame 0197 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 14 Aug 2023 12:50:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A17B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspVGOq3z7P3QuPrsi2yhRGShVr6yGHckYhgaMoFgxWifx1GH1ICRbqRYrU0j0XIR1prkam2IKb7muB4WmgqPEUuinvF6QgQiRoUKWlpp9MnV6QaW-cdjaiXsdl59VByUmq3rewYRlEXBEkfHsFJPP6hr8oB3XxHVXNoJTKAhDeJlLRSuwxkoTv3WimDw-cs85QcBBMflUdKXCDShe-_1fTkxnoLPDyAGpREBkux5Z_x_OGdaCLNJCkMloe-NztcnuDvLHjDeffZZXKCwbJOEzoIoIQWoGCJXvnASve4ySjVzbDSYzGDG0FDVTbuz18xmpQpKM2L51wOdF9MevgftAQ0mJe3chTMWMNSKo6WFvcm2OYrRKl8SY6iIbCy-sFlwwKQtDJY_9nwfXeACRjIwCiuyuX6ym6wLGF7wcJRzGoK6355otzBJeNKi-NLPaKFr7dajUkQ9ZX3USrruZLtDPNBnu30vUV3yj7xt4hxk9F-AcZgpNqwApIB4H8uGDwfaPQpG1HeKnM_xz1cct-Fr1OeKVAse9c-WXBodVR2uJcQHCvKPG38psg_F3ZFpiAuqy1Es2DBo8Ykm7CiYutE_bptGvENymBh6SgZ4f3cuwjxc9oDpfXwnl0qS-if4j3SxpnUgyMCkhkjEahcZBZMR9nIfVlArTiQSPbIZDcFXdki8hm_EVTzUnNZxpbexRPOrnKuZunZFIgs7hZSK3Y4u_c4_K5tx9IKZTh8PqLAV9O05ox3QJDh5bOb34LOOjmi2GKsNJonDkThG5ds_KxQmRZ0FSh9DppeK7qU6C6GnPpnHj8Lz46LinmOqxSUE7ncCm9zMeOGa1UXuhH2PYYchNM_IlvicZie7UsZV5c2kJ5bkIppzHqUhlwaxxX2NX-KG5FA2OBsyXSesgEJ1S5Bu_lgyNsrMuWyLlvAAaYIPgF1QUAqy8yLcABpxv22iNJ8CIluLA6Vi4A2qQEE-QOGYnLeejd2bht2cF3Zle5YMRK5kegf8q0vXj7mqakD4tA1HYneHI61aOKgPIk5yo2M_dnJMUjamRxfL8d_3WoQ0lhiY8Sp4z5_05JEYnBk8eefPsM2oLQHjxsPMqfyNTsCq-MbudbPnLFJ0Jsiu8H9lTzHQkK_2DTDpWPHou55pq68iNGo6eUxxP2WLbLMsnEQ77N6vAwjgVhABTwZz1r91buR5JvJlzbfKv1T7bjoy8HwRUHAzNYrqP9D2i0OC4ekevWFF_JPQz6GSaUAJ1XqozdwJkVD6mi1EOETkYjd-eQwV96QLELmqSAs7hAuTqHLmLeihPGFcjlXI2jFImTrh6t3DHT7A&sai=AMfl-YQG_kpoJ2hbZ1VwzfxyzONum1AM8RcEqcYsmyncAvLs7srGwMH87p3Bvy79IMa6ziLIA5R6j6M-9AcsVQrQpeRe9uHFYZe6grYUZl9KN5UVhL5y8Uto280dqiISG6jfb03skMAcU3ZD495OFQFoMA3pXHsZTsUCwJu_SdyzF0mvxm8iclpknXs24TC_ZbKhGGi4HTSIjAi0E90jodOk_1ZNmLyqxmZ-7vcxk_TUzgXMrHGyEm7i1Ec9f1Ae1CLo3zR9JmkDALMgxkvSGADp0U-m6_6njxelCmla8qhKIdkMkgKTo8ZQlAdX4QV_&sig=Cg0ArKJSzBqCnDiTG02gEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2387&vt=11&dtpt=2383&dett=2&cstd=0&cisv=r20230809.89516&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 14 Aug 2023 12:50:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7F85 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2XaJbRMcDhRnMh9EoCE41YaRGDknU-R_GhckF2dHQEgpW-J0aylCrnw2FBSt804_NWtlWUfDNEWXbTdb5hqP0_T4oANjAzDCHpNPWmUVY-R2sjK8G6rQjDtNUxWfv24re8e3r-Hw-RbrfXsS8DoEfRwwU8z1wdysQuST0SRVFbOBEHhOimprI4mRVx4-0AvKzF0fiiQIYWRJZhWU4C2rOtp7nZJJzk2NCQFKpd1CTnmThbv2y-RmMxiWp4Ubh3bNGKWmD3v4FBvaFnl3Uu2wAI7kzELMr1ZhBlhR0Toq23wZL6rcQrW9ZR84nh7uq9HVjCGY_tWQbqBF5eThhkpouPBREU9nGwTo2SmGLwaQQFw__8AuKId9V7U4Gc40OUzMv2EFPBBwfLej0FhzA3scwPbt8M2lTRsUhN7v4suFMweLRFsqtAPQ-C9z_LWiATDeEstk6XVPLYYU2r-NnfbPA-1PQR6NGfjKcawe1dpzbQxMJ4_ptKHncQ0xn-q0i7AVZtX3HL3Ac8pH64j0F4KKEwei3FgNG_-ksphrgeS5H6RImtFXdfqVpO_gTR9cVW0cw5f93WaT-DSGu1emGNBg3aZ4jd8WCwwJXxNCQ4SczbyEs6lKR68uB2gT3lUVBybw--i0_wIqBE4PDyuSZQzFL624ztVvvnyTJeZKIQJioN7j9EyQ5d7wTXfZFUAEeCmJq2xIjEMYGDe3c0ucKigsb3wHWhNLmaql-l2CYfaBbAnq6K7Wl_h1e_72eP7nn1LPcWuEnmDpEifWoQmXomiYSCYAonYvT0EPDtuwl-ECgKpolVm54xQ42bglAvAuEJc5HGXLY-kqWy3mztStGcC_eH2ARUM-XkRAMUn33whUCSGefZxNlQEHxmE6OgRVKF9yamWMwwiNxkEsnbW7QZTfZ5YHJ6oHckbt1fczPKYFKHVN-YzHsMTUMP6Vyqn6W3Nlvr2LGBK6nt4nPtZgk-tm3lbImkGS0-D7J9-SKPYL0wafsTIrpAqeY1N9tTviE0DtVVqG-9-uofcYw0i43dAC4JKd7PAAZoPrjGdIzAUhoXRKfYiFOU-gtk_lXfiQtQcX2CUuHZlbh0pwZmS02aZ3CIg1tr3Doi-VP0qdYa2_BZNWjjrCqgajfFaiyyndcnOgIQhfbbxJIZheED3TK-JiRMCmDmaJPE98dyCnJQgBqWeGsbbjXD5v5XZ3brc1aHEGbH8N38pvCEFtofEIjRlq12gJ1SaWJYUh_Hp0Dvel0nWpDLod1Hh2QA0WP4KXE_D9BcErQMf3O8kvmhiIU5g4f-JY0-trzrZfoE7OV-Q0ENGU_gMc&sai=AMfl-YSTLgUInCsufSct6rfWGTUEJT5iSvW0rW2qbxBFDZD3IUvpCX4bBNnIoh-yU8gRzwSQRWaNmj8B5z0uNdJtcwTajaJzttD5mybst-Uc5DSNXucnAiLTgIz1zl_PkNOSi9nfD-kcRoo2QHoOFgnSNIm_As0dL9RA5ZAfnprIPsji5umgaEh99o7zhBk8ia9vALCDtyF1oPgXAJDuJmGDmhlh_e8swOOzD7eizaZkg5a2zZAn00Ja-Z8hASKOKVP3S7KWE4f0fYE5r2YPWsgOl4bVlIMLr3cMJdqU5wO8UaBrilsp7Ic8Y0eq86YQ&sig=Cg0ArKJSzCbcB79cnT2EEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2250&vt=11&dtpt=2244&dett=2&cstd=0&cisv=r20230809.31591&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 14 Aug 2023 12:50:07 GMT
cframe.js
assets.a-mo.net/js/ Frame A5B2 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:07 GMT
via
1.1 b3fa6483b226ef7cc87d8bab653f621c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
316
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 27 Mar 2023 18:10:34 GMT
server
cloudflare
etag
W/"60125fcf1fcf576eebb45554f83ada73"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7f69525c980e4c08-MIA
x-amz-cf-id
joib9pQddwsA2OdoC069S9biud_e10CCby79dXvTwbo2pibKaeLPKQ==
expires
Mon, 14 Aug 2023 13:50:07 GMT
cframe.js
assets.a-mo.net/js/ Frame 38D6 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:07 GMT
via
1.1 b3fa6483b226ef7cc87d8bab653f621c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
316
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 27 Mar 2023 18:10:34 GMT
server
cloudflare
etag
W/"60125fcf1fcf576eebb45554f83ada73"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7f69525c98114c08-MIA
x-amz-cf-id
joib9pQddwsA2OdoC069S9biud_e10CCby79dXvTwbo2pibKaeLPKQ==
expires
Mon, 14 Aug 2023 13:50:07 GMT
cframe.js
assets.a-mo.net/js/ Frame 695E 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:07 GMT
via
1.1 b3fa6483b226ef7cc87d8bab653f621c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
316
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 27 Mar 2023 18:10:34 GMT
server
cloudflare
etag
W/"60125fcf1fcf576eebb45554f83ada73"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7f69525c98134c08-MIA
x-amz-cf-id
joib9pQddwsA2OdoC069S9biud_e10CCby79dXvTwbo2pibKaeLPKQ==
expires
Mon, 14 Aug 2023 13:50:07 GMT
cframe.js
assets.a-mo.net/js/ Frame 2355 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/2/4890?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=50478a03-0398-43f7-86fc-e8df8347d808&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=68531A78-C812-44CF-A2C6-1C611A476111
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:07 GMT
via
1.1 b3fa6483b226ef7cc87d8bab653f621c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
316
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 27 Mar 2023 18:10:34 GMT
server
cloudflare
etag
W/"60125fcf1fcf576eebb45554f83ada73"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7f69525c98164c08-MIA
x-amz-cf-id
joib9pQddwsA2OdoC069S9biud_e10CCby79dXvTwbo2pibKaeLPKQ==
expires
Mon, 14 Aug 2023 13:50:07 GMT
get
mv.outbrain.com/Multivac/api/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&idx=101&rand=86369&widgetJSId=FMS_CP_1&va=true&et=true&format=vjapi&rtbEnabled=true&lsd=3ebbb7b7-7e3b-46d4-93bf-dc08b9e67ea7&lsdt=1692017397393&t=ZjViYTljZDZmZDYxNDE3ZDFjYmZkZDc3YzMwYmViNzk=&fId=110&feedVersion=2&fAB=11741-89554&px=271&py=3575&vpd=2375&settingLevel=TEMPLATE&servePc=true&maxNumAds=2&num=2&maxNumOrganicRecs=0&secondaryVideoReq=true&videolinearity=2&plcmt=4&fAB=11741-89554&feedIdx=1&appName=false&appCategory=false&appStoreUrl=false&playerLocation=aboveWidget&layeredTestInfo=11741-89554-81574,12756-0-&recMode=odb_video&videoWidth=728&videoHeight=409&pauseOutOfView=false&placementType=4&videoPlaybackMethod=2&isRequestInView=false&pubInState=0&seid=0516ccbb-2895-e51b-0000-0189f41886c6%7C2138%7C1&settings=true&recs=true&key=NANOWDGT01&adblck=false&abwl=false&ab=0&wl=0&umv=1&wdr-cosc=1&activeTab=true&version=2010414&sig=NCKxbSGa&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&chs=1&ogn=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b98f3eec96ea7d3619f429615bbc0f9465a5ba47308a765e348f5666990e2d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 14 Aug 2023 12:50:07 GMT
content-encoding
br
via
1.1 varnish
traffic-path
NYDC1, IAD, USA_EAST1
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
7f718f59f33add0c18dc5cee530bdab8
content-length
2947
x-served-by
cache-iad-kiad7000075-IAD
pragma
no-cache
x-timer
S1692017408.575040,VS0,VE311
vary
Accept-Encoding, User-Agent
content-type
text/x-json; charset=UTF-8
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame BB42 		475 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1402:b800:78d::2c79 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c7b335cd4f99f54a92a1d88d6548647d52d94a3ceaafd5b36fd1d0a88b63897e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:07 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdssHpomHzUvi_lGPm34lwwIu73Fzn579Mra3sWeN8wPbQrtfTyBA-em2zJzLEx5A3DDgcXmbkCm65oQaYom9e9U8w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130353
last-modified
Thu, 10 Aug 2023 14:53:46 GMT
server
UploadServer
etag
"2f3f0a7b8c93d6329e52026450f30184"
vary
Accept-Encoding
x-goog-generation
1691679226027236
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=e6p0/A==, md5=Lz8Ke4yT1jKeUgJkUPMBhA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130353
accept-ranges
bytes
expires
Mon, 14 Aug 2023 13:00:07 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 63CC 		475 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1402:b800:78d::2c79 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:07 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdssHpomHzUvi_lGPm34lwwIu73Fzn579Mra3sWeN8wPbQrtfTyBA-em2zJzLEx5A3DDgcXmbkCm65oQaYom9e9U8w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130353
last-modified
Thu, 10 Aug 2023 14:53:46 GMT
server
UploadServer
etag
"2f3f0a7b8c93d6329e52026450f30184"
vary
Accept-Encoding
x-goog-generation
1691679226027236
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=e6p0/A==, md5=Lz8Ke4yT1jKeUgJkUPMBhA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130353
accept-ranges
bytes
expires
Mon, 14 Aug 2023 13:00:07 GMT
pub
matching.truffle.bid/sync/ Frame 8C89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 14 Aug 2023 12:50:07 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 59DE 		43 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:08 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-fc0bd71db410@version_1.566
X-core-time
0ms
X-server-arch
v2
ImgSync
image8.pubmatic.com/AdServer/ Frame A3F4
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7453038071703537949P
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame A486
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4F94844F4CC4401AB7330777BA793A74&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 14 Aug 2023 12:50:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame F743
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8a39a669-f6cd-41ae-a6c6-5b27ea24ed45&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
0
0
usersync
usersync.gumgum.com/ Frame D9C2 		35 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:07 GMT
Expires
0
Pragma
no-cache
pixel
cm.g.doubleclick.net/ Frame F743
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=68531A78-C812-44CF-A2C6-1C611A476111
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YWEwdmc3Nkg0b2tSUTY5NVlid2t2cGc5QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
0
0
g.pixel
aa.agkn.com/adscores/ Frame F743 		43 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-37.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:07 GMT
via
1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P3
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
GOZUNOi5pLIIshjfwix-P255qP1bg9JxU-49vmbw1R7XMLjrCq2h_Q==
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame F743
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=68531A78-C812-44CF-A2C6-1C611A476111&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=68531A78-C812-44CF-A2C6-1C611A476111&sInitiator=external&gdpr=0&gdpr_consent=
0
0
generic
match.adsrvr.org/track/cmf/ Frame F743
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
0
0
setuid
elb.the-ozone-project.com/ Frame E226
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LLAVGYIH-G-GET7&gdpr=0
0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame F743 		47 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28900838&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 14 Aug 2023 12:50:07 GMT
content-length
47
content-type
text/html; charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame DD4B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:50:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 14 Aug 2023 12:50:07 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame ACAF 		2 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
bidswitch
sync-dmp.mobtrakk.com/match/ Frame 7CE7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&gdpr=&gdpr_consent=&us_privacy=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=gumgum2&bsw=2ec00d2e-f53c-465e-92d3-2beaa816ca85
0
0
usersync
usersync.gumgum.com/ Frame 7CE7
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
0
0
142
match.deepintent.com/usersync/ Frame 7CE7 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 7CE7 		0
0
um
sync.e-planning.net/ Frame 7CE7 		0
0
xuid
eb2.3lift.com/ Frame 68DA
Redirect Chain
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=bRJKq2kUSPx2Fxz6YkAD-2JAHPl2Fhr7Oh9cm08-
0
0
current
triplelift-match.dotomi.com/match/bounce/ Frame 68DA
Redirect Chain
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=5f4a25781db9103b&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent=
0
0
trl
match.prod.bidr.io/cookie-sync/ Frame 68DA 		0
0
img
sync.mathtag.com/sync/ Frame 68DA 		0
0
RVF22VSl
sync-tm.everesttech.net/upi/pid/ Frame 68DA 		0
0
sync
rtb.mfadsrvr.com/ Frame 68DA 		0
0
triplelift
um.simpli.fi/ Frame 68DA 		0
0
cm-notify
us.creativecdn.com/ Frame 68DA 		0
0
CookieSyncTripleLift
rtb.adentifi.com/ Frame 68DA 		0
0
ping_match.gif
pm.w55c.net/ Frame 68DA 		0
0
um
sync.e-planning.net/ Frame 68DA 		0
0
/
ghb.spotim.market/geo/ Frame 4655 		0
0
tracking
ghb.spotim.market/adunit/ Frame 4655 		0
0
j.html
p.jcontentcdn.com/prebidlink/19583/ Frame 5904 		1 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://p.jcontentcdn.com/prebidlink/19583/j.html?i=11595
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:07 GMT
etag
W/"620bee41-43d"
expires
Wed, 16 Aug 2023 12:50:07 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
cm
us-u.openx.net/w/1.0/ Frame 8101
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692017405586.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
1 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3dfddb0e4239674cab881846b90d9a1b4b%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3dfddb0e4239674cab881846b90d9a1b4b%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X&gdpr=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
725
content-type
text/html
date
Mon, 14 Aug 2023 12:50:08 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 14 Aug 2023 12:50:07 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP006
x-33x-status
40000000008200000A
us
capi.connatix.com/core/ Frame FD1B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1692017405586.&ri=0015a00002y7TWTAA2&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3dfddb...
  • https://capi.connatix.com/core/us?DemandPartner=37&UserId=fddb0e4239674cab881846b90d9a1b4b&DemandPartnerName=_33Across&tier=1&DemandPartnerUserId=212236466587534
0
0
/
ssc-cms.33across.com/ps/ Frame FD1B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1694609408%26external_user_id%3D885e676c-3a70-45fe-acfc-e7ad294a43e8
0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame FD1B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692017405586.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
0
0
/
ssc-cms.33across.com/ps/ Frame FD1B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553
0
0
/
ssc-cms.33across.com/ps/ Frame FD1B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=120&xu=aGQZVP-FWKlwqApFxMElgCaEdkU
0
0
getuid
ib.adnxs.com/ Frame FD1B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692017405586.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
0
0
config.json
player.adtelligent.com/exchange_rates/279896/ Frame 32A4 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fnypost.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d08a462cc6905c4b94c42daaad21ea311687b42726c59022912a614f2ffb564e

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 16 Aug 2023 12:50:08 GMT
date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
gzip
last-modified
Sun, 13 Aug 2023 12:02:18 GMT
server
nginx
etag
W/"64d8c64a-857"
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
max-age=172800
x-proxy-cache
HIT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 32A4 		0
0
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 32A4 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 06C0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstg7BZtbczcjWtjPgsOc-994Wzl9Fb3Gjn52IORA0jrqtZaY7jXY_kPiD9UM8nlGWCqMYC4KbwAf7xQUPT6200gVyvBwpe1Vw6pKLEM4-zYF5X73dhLT604s4bZsriUFUt1B39EqRh8qMMk50e_9ZOVukv9bRMrrjWRTzOp9swyEPIVbSc1M5I7o25q9VZttk9CLplSD8yfx1OKuNEPcZ6ZszyEmTbYkBMSKMXxU8OvRsOS2VVHIcZpD93oltYYg2Ja2mPfQTfWeq9oYHhhoaSSuqUH15OwxvUPLM-AONlm0TQmqGqnmryTNpV8PPZQmWTqf1oz0h0_Icxv56iemeM4wmJH07KJW8Z4hMi_y4YekT6cBnG1fPr1Cf5uATvyIlpHo7Kjv-2lw-VW3_aOju0vnLrAw2vDv0cZm7dHJQPN_HaE4wgsbCaeffqNR0I_ovCiETLu1BNFqX_rm25n5x-j3Lhh0KKPPztm2kgnxJf8Bow2K277iXLZ6eU0rFyKd1pZ_Z3CUXGwfeIanFwLhPp_HQqmdfZ3X59_p7k7tsWdsnpq64ELP9i8G90c-GzcSX_AVLDd6auW4q7Qd7n1HNr9SMVwyALFcvdTsaj2a7qolvWpFrMdo4tB_XAEot-EixJYERAXpBcQ69QqTOu4TYfvUoKZ7awX8zcTz5v1ijqBrlcJfxpyC56wXzIKbgt7WWve-4ls06f_4J1XWkcwk_ALL3X3XTWQJE1JTlgqSc0Gd3QamOMUysR1fa7288R_Fi_q7A56nSQ3AdCHrHb4GOGB_Q-V1mtOIc9mK-TTWzpbT_xXp_7IuDY-QySIMCGNk6KahCEo0aMjawcfQbyWwcqOiH2nkZAo2z1V3ASCI6fReYjgdlfr3-azsqlIluNmvToYH9dVkHs880jzMdEZ716_0TbmRAY6M26sP8OfYN9up-w7jgMVgl2yauXEnOoAUNn_0YKCLT_VSlrxTNQQg5kR0-BfDJa6ZFcjN6rKGblyXOIaHUmjLqkNqfyePHj_KSAjWbNHMWf-kUf9sf502uO0VnCtjyO9U35H1tewsBmxfdoYfOKQw_ZTQ0YxBbEybOKXZyUB4ysS6OjACTWibG2sAVTnNscnoBdNQtJ9RfUT071Pamn8gkb4V4zLrTpXwdn_nz85XbS2tkCRWDsba2hYnHFXPExjcuuGuswIL3DDrTkw-8NUmgLffJtaTEzMmx_-BAKbMHYofan-99lgbRU5WBpjISEiwoauh6VwQUfy_OGxoXNo9O86LnXELBFX0TJg-jwbkVQuoAbWxyrJWC6eKSR6nIvJQZbyHj2lxJZJ&sai=AMfl-YRSK2mKT_0lFsCwWsjPNgXVKua5pG7HusG_9fK73M8IeVPA-xiOh_OlRCcfREuM-uQBGkQ5seEbrpFHFoXGn98SDeLQiuCkRF1i7p3g1RkIHeJbkArGMhZzT3854HP_9srlXJ9279sIIOFn0s93madRXs5XNLFrXXRcuodjDI1aMKkgh5QJjbaWf5vvnH8BcD01ygkuGj5akXrSDPc_JdbVsybtPRPZfG01hiZO2KkwvILqn53BlLkyYUzS76HiGipwMtmh7Gs5CYhdla1Quri0UmKBw7ix3Joy_3H2WA_uFKbzkR6KUzu9fbLP&sig=Cg0ArKJSzEZdduxhrDqgEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2398&vt=11&dtpt=2395&dett=2&cstd=1&cisv=r20230809.81838&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 14 Aug 2023 12:50:08 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2B9D 		47 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27108150&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 14 Aug 2023 12:50:07 GMT
content-length
47
content-type
text/html; charset=UTF-8
view
googleads4.g.doubleclick.net/pcs/ Frame A761 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssbGdpgPQBRciChit3bLu1Sa_lxAyx7B6BPe6OrOuzCxoANuDjOKMJeIBH9qBkqiGswVvzVhbZM2mBNH9z-7wNN6J7vL78aHVIF9RL6z1dHmfrZxqqSV6XXuwr10OqGsLf4VA56BGVy2FYlo0DJetc3J_20ZagOQXBhfpYW_c2uayvodTjdpIVcErQWDhcgOcN_912lWoRrsy6rrQBI3xOCJRM9YMCZHe9HQBEgtyoDAcQtY9yytCyxImdaw0LPsmCuyRcBtpKmEpGvT3kHZumlGYmLcfIX7ZJvGeAFlxFPJxZWQl3BWNv-D5BJ_mdiJxmdT5M4tNTj7aDT2hb7raQGJBZ4xeSDt85s-eUoU7jCplogDcS7iX2zTmAapPV4YK9pjTn-pUB2o2GbcvTeytYFo07eXojID51Um87qoQ8WA5k7Zhv0wKmpNgnFFiojJw-H69yiVtH2PwuK7DXb8uwf17J_8-3buuF_oqjm-57rCsgzBH1KN3w5SCQ8bRrAU-qWhp1wSBoq3BlJLJHf6e78mL7dD-h0LLXSRYlyK0XWgbb4pq8VV8V8zRh5Hp3eN-_r5qXUCJlrAc2RoRVqsHFyGOWfORqS83M4wnTAbclDo7evB49YDUcIicJ4fXAvuLdPn9ggs7gnFe_DBz0rN2aaToVebqZ7jiSjCu_qSa5dVR5io57BQHoSWLdbzWUUe-bI5HWrNAA_dOgW9oincAeytE_tKmTbJfk8BExXV6ZKpET-fgGo3LvleX4FfOLqQHqfjec5vWXuacDyb8eUNFrDTupuSDkZQochJmdAEFSCNKRaz9laAIuKFhUCwYQqiZQRky2K5b0mPT-3gSe_EIY3Se0_I1L3JPVsn1YUfXR7IRt2Kf_BqZqU-kXbWjJjicRQ2LuvAQLhO7VUXuEGBsrzQN2H5sYw4xxN5Qk5l7G1-yIPkr4udO_O650BfHM2Wrh2JyM_atuhrreFUj0qUkc7Gom_cfexJDrD_VS7_IUFuqLuINX9clhZQ8iYm9XhuMh4L9MZdkb3RPxefdYhlWxYkhQUEXJjiSkAyfJWcsJOC6vbbhGhwk9JSnbv3eEaKJjcMsbj0cckwzdXZBSDH8bGrVvEdxurriAHuX48nVolbNU6LkavHqs2AFTLmCMEnwkKD2xv8z4SiE3FW0XVFu9FYY3v0pN40i5LTsdU8_afcUwaJL3CF756DmV8pM6nGz1sLlI_f6AjspjudwvzV4GnC38lPnJk3Ft7umeQaO9FGvBliZn36r8894UQukiZpLk4DqXAr2la4KY34P1whnTSsYCzxr4uVjuM50tOzgdhXbf2qQ&sai=AMfl-YRyGcf6aaWY1ohzPcUQSdajtoDcg7oHr-s2HCsWGgNK8j_oaXGFkWYAbkf8WcsTQjjTnW3Myfp8-Mr7CG8IaiwX5CXtoEyplGpMpV5PSKvRey7VExAxwHl2T45DTftgfsGxPwdRNiun2meX-xE-euZaliCGp1X68mXwUEHe1Y4icsGX7vL_9ZO4FVI4wFuaA-ZkAM2eCzzFtWek9b9ZFEpw62eoYBdGw44qAa69dbjagVRc2b8dQFrRbVmqvXk8TUPn3qj14aN2jxYXPXRww7g31x9iNlUpg0x1cBvYV11HcfW-jrD75fLHLmnu&sig=Cg0ArKJSzAhIBbkGmRCGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2425&vt=11&dtpt=2422&dett=2&cstd=0&cisv=r20230809.63372&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-e09f10f-a7b8af42.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 14 Aug 2023 12:50:08 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2CFA 		47 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77287071&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 14 Aug 2023 12:50:07 GMT
content-length
47
content-type
text/html; charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame A8B5 		0
0
ucl
capi.connatix.com/tr/ Frame 8C8F 		0
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 8C8F 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		85 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d851d82b509976a447ad00c9acd8604d49a1655937f5ef17b1c10ce27f19e98d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28673
x-xss-protection
0
server
cafe
etag
155 / 19583 / 31076944 / config-hash: 9566803040182507923
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:50:08 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8C8F 		0
0
elements.ui.488cf483a75f74c120ac.js
cds.connatix.com/p/313598/ Frame 8C8F 		0
0
usersync
usersync.gumgum.com/ Frame E2FD
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9e327913d98873c4%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:09 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 14 Aug 2023 12:50:09 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZNoi9cCo8X8AAGiFsigAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad349.dc4p.scaleout.jp
X-SO-IP
38.132.118.69
X-SO-Key
ZNoi9cCo8X8AAGiFsigAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.69","key":"ZNoi9cCo8X8AAGiFsigAAAAA","privacy_sensitive":false,"uid":"ZNoi9cCo8X8AAGiFsigAAAAA","upstream_id":"m-ad349"}
X-SO-LB-Hostname
m-tgng21.dc4p.scaleout.jp
X-SO-UID
ZNoi9cCo8X8AAGiFsigAAAAA
X-SO-Upstream-ID
m-ad349
gumgum
cs.admanmedia.com/sync/ Frame FF52 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 8540 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9e327913d98873c4%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:09 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 3A8C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9e327913d98873c4%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:50:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 14 Aug 2023 12:50:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
cm.g.doubleclick.net/ Frame 735A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84NjY3NWEyZS0xZmEzLTRkNGEtOGRmMy03Nzc0ZjJmYzA2OTc=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9e327913d98873c4%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 12:50:08 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D919 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9e327913d98873c4%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34058
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 14 Aug 2023 12:50:08 GMT
expires
Mon, 14 Aug 2023 22:17:46 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
ghb.spotim.market/geo/ Frame 32A4 		0
0
tracking
ghb.spotim.market/adunit/ Frame 32A4 		0
0
j.html
p.astarcdn.com/prebidlink/19583/ Frame 16A8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://p.astarcdn.com/prebidlink/19583/j.html?i=12909
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:08 GMT
etag
W/"620bee41-43d"
expires
Wed, 16 Aug 2023 12:50:08 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
usync.js
eus.rubiconproject.com/ Frame DD4B 		0
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid...
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=6125384915149995829
86 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=6125384915149995829
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:08 GMT
an-x-request-uuid
743edcdd-802d-4721-a385-75e78b141d45
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=6125384915149995829
x-proxy-origin
38.132.118.69; 38.132.118.69; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dpixel
cms.quantserve.com/ Frame 1E18 		0
0
sn.ashx
aep.mxptint.net/ Frame 1E18 		0
0
gp_match
um.simpli.fi/ Frame 1E18 		0
0
sync
sync.srv.stackadapt.com/ Frame 1E18 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 1E18 		0
0
adx.gif
beacon.lynx.cognitivlabs.com/ Frame 1E18 		0
0
sync
t.adx.opera.com/pub/ Frame 1E18 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 1E18 		0
0
match
events-ssc.33across.com/ Frame 8101 		0
0
g.pixel
aa.agkn.com/adscores/ Frame 8101 		0
0
/
bpi.rtactivate.com/tag/ Frame 8101 		0
0
37274
stags.bluekai.com/site/ Frame 8101 		0
0
709996.gif
id.rlcdn.com/ Frame 8101 		0
0
hbpix
idpix.media6degrees.com/orbserv/ Frame 8101 		0
0
pixel.gif
aorta.clickagy.com/ Frame 8101 		0
0
dds
rtb.openx.net/sync/ Frame 8101 		0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 8101 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8101 		0
0
receive
pixel.tapad.com/idsync/ex/ Frame 8101 		0
0
current
dclk-match.dotomi.com/match/bounce/ Frame 6A7E 		0
0
i.match
a.tribalfusion.com/ Frame 6A7E 		0
0
sn.ashx
aep.mxptint.net/ Frame 6A7E 		0
0
dds
rtb.openx.net/sync/ Frame 6A7E 		0
0
cma
dsum-sec.casalemedia.com/ Frame 6A7E 		0
0
cm
ius.ctnsnet.com/int/ Frame 6A7E 		0
0
CAESEEuE3AmcZstaYxgk2OwnL44
an.yandex.ru/mapuid/google/ Frame 6A7E 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 6A7E 		0
0
match
c1.adform.net/serving/cookie/ Frame 78EA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=68531A78-C812-44CF-A2C6-1C611A476111&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 14 Aug 2023 12:50:09 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersync
usersync.gumgum.com/ Frame C9E1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:08 GMT
Expires
0
Pragma
no-cache
420486.gif
idsync.rlcdn.com/ Frame A8B5 		0
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160065/3904/ Frame 3243 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E0CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34058
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 14 Aug 2023 12:50:08 GMT
expires
Mon, 14 Aug 2023 22:17:46 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame E65A
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=0&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=a8558a898a7f1d459a56776b82e5d936&_fw_gdpr=0&_fw_gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=a8558a898a7f1d459a56776b82e5d936&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 14 Aug 2023 12:50:09 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Mon, 14 Aug 2023 12:50:09 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=a8558a898a7f1d459a56776b82e5d936&_fw_gdpr=0&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1692017409051016-312
auto-user-sync
ads.stickyadstv.com/ Frame 3ED1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Date
Mon, 14 Aug 2023 12:50:09 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
x-sticky-vk
1692017409051020-269
adxcm.aspx
inv-nets.admixer.net/ Frame 4EF0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26bid...
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005&rndcb=7723099221
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadcon...
0
0
usync.html
eus.rubiconproject.com/ Frame DDDE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-114-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Aug 2023 12:50:09 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 14 Aug 2023 12:50:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
cookiesyncendpoint
sync.aniview.com/ Frame 11E1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=0&gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A&gdpr=0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A&gdpr=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 14 Aug 2023 12:50:09 GMT

Redirect headers

age
0
content-length
0
date
Mon, 14 Aug 2023 12:50:09 GMT
location
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.75
strict-transport-security
max-age=31536000
cookiesyncendpoint
sync.aniview.com/ Frame 05C0
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=23&key=f0c9e2f4-a0c8-4698-b246-2a0c386809b7
0
0
cookiesyncendpoint
sync.aniview.com/ Frame C444
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D10%2...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=10&pid=59c9148628a0612da3689288&key=5TsF0pv5gg6c&ev=1&us_privacy=1---&pid=562704
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=10&pid=59c9148628a0612da3689288&key=5TsF0pv5gg6c&ev=1&us_privacy=1---&pid=562704
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 14 Aug 2023 12:50:09 GMT

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-6f79b8d6bf-rnvd6
expires
-1
location
https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=10&pid=59c9148628a0612da3689288&key=5TsF0pv5gg6c&ev=1&us_privacy=1---&pid=562704
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
sync
vid.vidoomy.com/ Frame 45C5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Mon, 14 Aug 2023 12:50:09 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
MISS
x-77-nzt
AVm7sQ+D1YWh
x-77-nzt-ray
49be14088aa3e94a0123da64bc381308
x-77-pop
newyorkUSNY
x-cache
MISS
0
prebid.a-mo.net/cchain/ Frame 5F39 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
429
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 12:50:08 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
cookiesyncendpoint
sync.aniview.com/ Frame 1FC8
Redirect Chain
  • https://csync.loopme.me/?pubid=11455&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D56%26pid%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=56&pid=59c9148628a0612da3689288&key=d3b0ff90-af00-45c0-8b53-51476465188b&gdpr_consent=null&g...
0
0
cookiesyncendpoint
sync.aniview.com/ Frame 1190
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D22%26key%3D%7BPUB_USE...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=22&key=9ee49186-746a-4a99-b9ae-326ad01ba3bd
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=22&key=9ee49186-746a-4a99-b9ae-326ad01ba3bd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 14 Aug 2023 12:50:09 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Mon, 14 Aug 2023 12:50:09 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=22&key=9ee49186-746a-4a99-b9ae-326ad01ba3bd
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookiesyncendpoint
sync.aniview.com/ Frame F9F0
Redirect Chain
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D18%26k...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=18&key=HJkhbLZHRtsgZLtNTqiinddP
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=18&key=HJkhbLZHRtsgZLtNTqiinddP
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 14 Aug 2023 12:50:09 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 14 Aug 2023 12:50:09 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=18&key=HJkhbLZHRtsgZLtNTqiinddP
X-Sovrn-Pod
ad_ap3ewr1
cookiesyncendpoint
sync.aniview.com/ Frame 2112
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1692017406828-939026011029-001222-002-004076&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-0...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=3&key=2129E09A41B14F3196FBE4892007BDC9
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=3&key=2129E09A41B14F3196FBE4892007BDC9
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 14 Aug 2023 12:50:09 GMT

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
age
0
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 14 Aug 2023 12:50:08 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=3&key=2129E09A41B14F3196FBE4892007BDC9
server
nginx
via
1.1 varnish
x-varnish
735467415
cookiesyncendpoint
sync.aniview.com/ Frame 07A2
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D52%26key%3DBUYERUID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=52&key=ua-232b251a-73f7-38d2-b385-866b557f8a46
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=52&key=ua-232b251a-73f7-38d2-b385-866b557f8a46
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 14 Aug 2023 12:50:09 GMT

Redirect headers

cache-control
no-store
content-length
0
date
Mon, 14 Aug 2023 12:50:09 GMT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=52&key=ua-232b251a-73f7-38d2-b385-866b557f8a46
pragma
no-cache
fa9f4b3548d146d8b0584acce84c4fec.gif
cs.admanmedia.com/ Frame F171 		0
0
avpb7.51.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 3243 		0
0
avpb7.51.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 3243 		0
0
avpb7.51.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 3243 		0
0
outbrain.js
static.vidazoo.com/basev/skins/outbrain/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/skins/outbrain/outbrain.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f006dec88c65732acad8ea71a9bcc6be450a360567eccc8174da37df54c6038

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:09 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
Z52QMYE1CK4J0P8P
age
19126
content-length
19996
x-amz-id-2
YWnoMVeFzsMdrbaMi2sBsWN+ZTr8z7CW0XNRWj0EgRzlEkW9agCD17tEXls/cKzJEjy6yxhOb28=
last-modified
Mon, 06 Apr 2020 12:23:25 GMT
server
cloudflare
etag
"27c03d08ed4bfb0b9084b79ce358e325"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6952672f6c6dcb-MIA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Tue, 15 Aug 2023 12:50:09 GMT
match
events-ssc.33across.com/ Frame C10F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=25&external_user_id=68531A78-C812-44CF-A2C6-1C611A476111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Mon, 14 Aug 2023 12:50:09 GMT
via
1.1 google
activeview
pagead2.googlesyndication.com/pcs/ Frame A761 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 067A 		0
0
/
pl.connatix.com/ Frame 8C8F 		0
0
csi
csi.gstatic.com/ Frame 0C37 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 06C0 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4EF7 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7F85 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A17B 		0
0
iev
csm.va.us.criteo.net/ Frame 3F7D 		0
0
track
track1.aniview.com/ Frame 3243 		0
0
rum
elb.the-ozone-project.com/cdn-cgi/ Frame E226 		0
0
blank.mp4
static.vidazoo.com/basev/ 		891 B
1 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/blank.mp4
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c957adaf4326a8636ad68fc78acb194b96b34bbeba09daf6b36c74975ac37d21

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 14 Aug 2023 12:50:09 GMT
cf-cache-status
HIT
x-amz-request-id
ATW2ME7ASD8QSDWY
age
22902
Content-Range
bytes 0-890/891
Content-Length
891
x-amz-id-2
QRRVsilrB3oFimakV4H+3VW5qPfYiuPuiXVL3Yooborr7Bo1wTjq8VYV/Ijk3eMwUcBw5pXgaNY=
last-modified
Mon, 06 Apr 2020 12:07:11 GMT
server
cloudflare
etag
"86ec3fbb73842f6c776555cfb7f1950d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
cf-ray
7f69526a2a496dcb-MIA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Tue, 15 Aug 2023 12:50:09 GMT
async
api-2-0.spot.im/v1.0.0/conversation/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 14 Aug 2023 12:50:09 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
x-amz-cf-id
jMiIIHtWEmZRnOQ_I2ZuDEFWWfihE53Qbzz2-cAkab_4QBnDFdJIqA==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
NYP%20Site%20Wide
api-2-0.spot.im/v1.0.0/reactions/config/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/config/NYP%20Site%20Wide
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Mon, 14 Aug 2023 12:50:09 GMT
server
fasthttp
via
1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
x-amz-cf-id
mdwXVnbm0OZ_3oAR7qe0rEpVmrZi-mqVUJBa8xs4uCUaFi46zwLcwg==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
async
api-2-0.spot.im/v1.0.0/conversation/ 		3 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/480-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
x-post-id
26570027
accept-language
en-US,en;q=0.9
x-spotim-device-v2
d_8JwWcnb1rY86BqPJ9YtT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
9221dbf5-e9ec-44c1-b0d4-bb1aa758a98a
Referer
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfa2JHakNidEdISXNjIiwiZGlzcGxheV9uYW1lIjoiUmVkQ29ja3RhaWwiLCJ1c2VyX25hbWUiOiJSZWRDb2NrdGFpbCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNSZWQtQ29ja3RhaWwiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjkyMDE3Mzk4LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwODE0NWRKWDAwLjBhYWI0MDk1NzAzMzg0NTczNGRlY2MyZmU5MTNlZTgyNGQ2ZWZiMGRmNTZlNTI5MzQxNDNlNTA4MzNmNjJjMjYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOEp3V2NuYjFyWTg2QnFQSjlZdFQiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzIwNDM5Mzk4LCJzdWIiOiJ1X2tiR2pDYnRHSElzYyJ9.5Jcs78xQbo06Bo6LVlcfOO9evTO49Bfow2cswiwWfcQ

Response headers

date
Mon, 14 Aug 2023 12:50:10 GMT
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
content-length
3
x-spotim-token
012308145dJX00.0aab40957033845734decc2fe913ee824d6efb0df56e52934143e50833f62c26
x-request-id
1a517a22-3aa1-11ee-92dc-ea0f9d15c58d
x-guid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
server
fasthttp
x-spotim-device-v2
d_8JwWcnb1rY86BqPJ9YtT
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
d9BQr9PGCcewCG8NtsrSx9_K4X_XzKpDb3LK2gq-qvZANooBRme2EQ==
NYP%20Site%20Wide
api-2-0.spot.im/v1.0.0/reactions/config/ 		683 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/config/NYP%20Site%20Wide
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/480-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
e66a68b3981921066be641298688cbd8c9fe45ae59bab0fc3f6ce54b77c8f589

Request headers

x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
x-post-id
26570027
accept-language
en-US,en;q=0.9
x-spotim-device-v2
d_8JwWcnb1rY86BqPJ9YtT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
9221dbf5-e9ec-44c1-b0d4-bb1aa758a98a
Referer
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfa2JHakNidEdISXNjIiwiZGlzcGxheV9uYW1lIjoiUmVkQ29ja3RhaWwiLCJ1c2VyX25hbWUiOiJSZWRDb2NrdGFpbCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNSZWQtQ29ja3RhaWwiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjkyMDE3Mzk4LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwODE0NWRKWDAwLjBhYWI0MDk1NzAzMzg0NTczNGRlY2MyZmU5MTNlZTgyNGQ2ZWZiMGRmNTZlNTI5MzQxNDNlNTA4MzNmNjJjMjYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOEp3V2NuYjFyWTg2QnFQSjlZdFQiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzIwNDM5Mzk4LCJzdWIiOiJ1X2tiR2pDYnRHSElzYyJ9.5Jcs78xQbo06Bo6LVlcfOO9evTO49Bfow2cswiwWfcQ

Response headers

date
Mon, 14 Aug 2023 12:16:54 GMT
content-encoding
gzip
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
1996
x-cache
Hit from cloudfront
x-request-id
74949695-3a9c-11ee-a051-e2395fcaf5cd
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
Wt45w8gineBTZfXeYGXbCTRwoi2902ZZCl-FciXD-8TupYbtOF74_A==
manifest-audio_eng=112056-video_eng=222542-2.ts
videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/ 		203 KB
204 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/manifest-audio_eng=112056-video_eng=222542-2.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
94cc218cdfe87dc4c784f1a3bc3097d102fbf5a1c58a07e42006ff3c7d2cf834

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 14:09:06 GMT
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:04Z lookahead=2
x-amz-cf-pop
JFK50-P6
age
81663
x-cache
Hit from cloudfront
content-length
207928
server
Apache
etag
"usp-533EF37F"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112056-video_eng=222542-3.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
qbr8W-aWkuufSL-p9BSKHTGgHxMy2z3BDNigfMF7NXPLUpo8GP8Oqw==
read
api-2-0.spot.im/v1.0.0/conversation/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 14 Aug 2023 12:50:09 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
x-amz-cf-id
OQaiPbSE6g_VCdYXjWqLm2tbWIbn_6725McnjLsLF8Yny0K9uqfy4Q==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
read
api-2-0.spot.im/v1.0.0/conversation/ 		5 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/480-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
5d932873e864e38ca42a4151759b54a827a20b021c6593f816562c9cb94fe69c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
x-post-id
26570027
accept-language
en-US,en;q=0.9
x-spotim-device-v2
d_8JwWcnb1rY86BqPJ9YtT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
9221dbf5-e9ec-44c1-b0d4-bb1aa758a98a
Referer
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfa2JHakNidEdISXNjIiwiZGlzcGxheV9uYW1lIjoiUmVkQ29ja3RhaWwiLCJ1c2VyX25hbWUiOiJSZWRDb2NrdGFpbCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNSZWQtQ29ja3RhaWwiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjkyMDE3Mzk4LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwODE0NWRKWDAwLjBhYWI0MDk1NzAzMzg0NTczNGRlY2MyZmU5MTNlZTgyNGQ2ZWZiMGRmNTZlNTI5MzQxNDNlNTA4MzNmNjJjMjYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOEp3V2NuYjFyWTg2QnFQSjlZdFQiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzIwNDM5Mzk4LCJzdWIiOiJ1X2tiR2pDYnRHSElzYyJ9.5Jcs78xQbo06Bo6LVlcfOO9evTO49Bfow2cswiwWfcQ

Response headers

date
Mon, 14 Aug 2023 12:50:10 GMT
content-encoding
gzip
x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
x-spotim-token
012308145dJX00.0aab40957033845734decc2fe913ee824d6efb0df56e52934143e50833f62c26
x-request-id
1a515af3-3aa1-11ee-bcc6-5e3418901ba1
x-guid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
server
fasthttp
x-spotim-device-v2
d_8JwWcnb1rY86BqPJ9YtT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
6Kgn92Yq6x1Ue0JVwY_6scq7mxIF1ePPQ5EIuBl1j5jtnAkbVlyjNg==
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D%26gdpr_consent%3D%26us_priva...
  • https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=0b404d44-1ef0-08ca-124f-fb3dc2e750df&us_privacy=1---
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=0b404d44-1ef0-08ca-124f-fb3dc2e750df&us_privacy=1---
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 12:50:09 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Origin
Content-Type
text/html; charset=utf-8
Location
https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=0b404d44-1ef0-08ca-124f-fb3dc2e750df&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
167
Expires
Thu, 01 Jan 1970 00:00:00 UTC
NYP%20Site%20Wide
api-2-0.spot.im/v1.0.0/reactions/stats/ 		86 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/stats/NYP%20Site%20Wide
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/480-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
0d61116d249a361c4f071ae125bb893bc1e6de4ac3d2313b1af1258036d56955
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
x-post-id
26570027
accept-language
en-US,en;q=0.9
x-spotim-device-v2
d_8JwWcnb1rY86BqPJ9YtT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
9221dbf5-e9ec-44c1-b0d4-bb1aa758a98a
Referer
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfa2JHakNidEdISXNjIiwiZGlzcGxheV9uYW1lIjoiUmVkQ29ja3RhaWwiLCJ1c2VyX25hbWUiOiJSZWRDb2NrdGFpbCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNSZWQtQ29ja3RhaWwiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjkyMDE3Mzk4LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwODE0NWRKWDAwLjBhYWI0MDk1NzAzMzg0NTczNGRlY2MyZmU5MTNlZTgyNGQ2ZWZiMGRmNTZlNTI5MzQxNDNlNTA4MzNmNjJjMjYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOEp3V2NuYjFyWTg2QnFQSjlZdFQiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzIwNDM5Mzk4LCJzdWIiOiJ1X2tiR2pDYnRHSElzYyJ9.5Jcs78xQbo06Bo6LVlcfOO9evTO49Bfow2cswiwWfcQ

Response headers

date
Mon, 14 Aug 2023 12:50:10 GMT
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
content-length
86
x-request-id
1a6902cc-3aa1-11ee-92dc-ea0f9d15c58d
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
dIcY_7i95Bt09S0k_ce-moRUHmkN8HCD2Q9K-6pJLE5B27xsvGdKnA==
NYP%20Site%20Wide
api-2-0.spot.im/v1.0.0/reactions/stats/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/stats/NYP%20Site%20Wide
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 14 Aug 2023 12:50:10 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
x-amz-cf-id
Sj2bDGS_JUWHc1csb_iuNF2gVIvcPBOwOrf1LzUcIk6ocfIa1vm29g==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
manifest-audio_eng=112056-video_eng=384660.m3u8
videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/manifest-audio_eng=112056-video_eng=384660.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
fbd5c41305d123ecee69f661ccd6ac28a46a1bc242dddbf75306b5e59ac9db4a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 14:09:09 GMT
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
81661
x-cache
Hit from cloudfront
content-length
1160
server
Apache
etag
"usp-60B1B934"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
TZqxl2hffRWgghl5bJ-4xVnRsE_XuxcMuoVmmk8YuvD1JsdynES3nw==
manifest-audio_eng=112056-video_eng=384660-3.ts
videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/ 		276 KB
277 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/manifest-audio_eng=112056-video_eng=384660-3.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
f38d2b53ab790811374bcf0ec602282cf4d9f94d39495cf7dd44001de6b401cc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 14:09:30 GMT
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:08Z lookahead=2
x-amz-cf-pop
JFK50-P6
age
81640
x-cache
Hit from cloudfront
content-length
283128
server
Apache
etag
"usp-8167C36E"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112056-video_eng=384660-4.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
ymxMIzSe4ssO4Kx_GohK8TElBXSCMvLDk1uj3qcwzbIllb6ktaZfag==
metric
metrics-logger.spot.im/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://metrics-logger.spot.im/metric
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/metrics-reporter-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.231.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-231-42.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 14 Aug 2023 12:50:10 GMT
content-length
0
manifest-audio_eng=112056-video_eng=752614.m3u8
videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/manifest-audio_eng=112056-video_eng=752614.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
4e88cc7158c2659620f04a6750bd6874a6b106425f653adcca2b19767ab06ea0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 14:08:09 GMT
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
81721
x-cache
Hit from cloudfront
content-length
1160
server
Apache
etag
"usp-75A6C08C"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
vtZwMlUS18SBKVPRR7I1Mcw-tKLBsDuPFhM27hDqR_9x1vjO2eVzzw==
manifest-audio_eng=112056-video_eng=752614-4.ts
videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/ 		479 KB
480 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/manifest-audio_eng=112056-video_eng=752614-4.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
69926d5f82127ed3df1a349655ee26cea78a942d6c8a871074a8e45209eb710d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 14:08:51 GMT
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:12Z lookahead=2
x-amz-cf-pop
JFK50-P6
age
81679
x-cache
Hit from cloudfront
content-length
490680
server
Apache
etag
"usp-8F7AB1E7"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112056-video_eng=752614-5.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
LpjErNw2LgVWJ-U-6sx11VVVBBetG2JL3CUcnIHCYRQ5H7MA0QHmXA==
manifest-audio_eng=112056-video_eng=752614-5.ts
videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/ 		511 KB
513 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/manifest-audio_eng=112056-video_eng=752614-5.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
6ece497370b6fb6d408a84cae67dc24ae96d7b3464e46aef437b763fbb0348b6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 14:08:52 GMT
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:16Z lookahead=2
x-amz-cf-pop
JFK50-P6
age
81678
x-cache
Hit from cloudfront
content-length
523768
server
Apache
etag
"usp-88666050"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112056-video_eng=752614-6.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
QSXmOi-9HrNhSL7ADfAv3OsTsXf7pwhDGnvRTNxoGoYs_-mHQa1IAA==
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ 		59 B
887 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/480-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
b32e876b78a07e1c74197c4de679ffadfd1034ee608c73792faf402c02599029
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
x-post-id
26570027
accept-language
en-US,en;q=0.9
x-spotim-device-v2
d_8JwWcnb1rY86BqPJ9YtT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
9221dbf5-e9ec-44c1-b0d4-bb1aa758a98a
Referer
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfa2JHakNidEdISXNjIiwiZGlzcGxheV9uYW1lIjoiUmVkQ29ja3RhaWwiLCJ1c2VyX25hbWUiOiJSZWRDb2NrdGFpbCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNSZWQtQ29ja3RhaWwiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjkyMDE3Mzk4LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwODE0NWRKWDAwLjBhYWI0MDk1NzAzMzg0NTczNGRlY2MyZmU5MTNlZTgyNGQ2ZWZiMGRmNTZlNTI5MzQxNDNlNTA4MzNmNjJjMjYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOEp3V2NuYjFyWTg2QnFQSjlZdFQiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzIwNDM5Mzk4LCJzdWIiOiJ1X2tiR2pDYnRHSElzYyJ9.5Jcs78xQbo06Bo6LVlcfOO9evTO49Bfow2cswiwWfcQ

Response headers

date
Mon, 14 Aug 2023 12:50:10 GMT
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
x-spotim-device-uuid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
content-length
59
x-spotim-token
012308145dJX00.0aab40957033845734decc2fe913ee824d6efb0df56e52934143e50833f62c26
x-request-id
1acf743f-3aa1-11ee-b258-760e663e4e12
x-guid
a3319bef-f26a-424c-8ba0-adaa5e0ce096
server
fasthttp
x-spotim-device-v2
d_8JwWcnb1rY86BqPJ9YtT
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
x-amz-cf-id
P1zhwKieMBymu3YMczBntj2J8Z6cpzVwOvTKbPqYL-v0zRQ5Hy1K9A==
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 14 Aug 2023 12:50:10 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
x-amz-cf-id
45PwzJyEdlzJPbCF1tdq_g8cfRztGTjaswsaNopESJQzg0cwVFsnBg==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
manifest-audio_eng=112056-video_eng=752614-6.ts
videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/ 		558 KB
560 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/manifest-audio_eng=112056-video_eng=752614-6.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
0693dd347b67752ba7a10ad6c43488cf213606f753af84a255cb35159f1aec45

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 14:08:52 GMT
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:20Z lookahead=2
x-amz-cf-pop
JFK50-P6
age
81678
x-cache
Hit from cloudfront
content-length
571896
server
Apache
etag
"usp-F5955BB2"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112056-video_eng=752614-7.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
9_CCM7oqg2nE3edrzKjLwyGsO26foqDHLeK_kwn10rv4qggdrCEroA==
manifest-audio_eng=112056-video_eng=752614-7.ts
videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/ 		453 KB
454 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/64dacae7_576bd9c3b7b35a25372702f4516e53696b433eca/site/XDErnc08/media/ScrNykYo/version/z3PQF4p5/manifest.ism/manifest-audio_eng=112056-video_eng=752614-7.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
adf658e84a5dff1aaa7a5f3908143b92a9b807737af2a4de031755fe369e26a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 14:08:53 GMT
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:24Z lookahead=2
x-amz-cf-pop
JFK50-P6
age
81677
x-cache
Hit from cloudfront
content-length
463608
server
Apache
etag
"usp-83B2B29C"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112056-video_eng=752614-8.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
iPwdddUi7s1bjqwBDUy5h7oARMSkeRl-KAJkvBogJS6B2M6wVR-ang==
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:50:12 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
pixels
pix.spot.im/api/v1/ 		0
230 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.8.1/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-91.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 14 Aug 2023 12:50:13 GMT
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
R9ks1nFIFfEx64zxLcrwn4U4uDmQYLKwhveVo2E4C3SUcbJgYHC2UQ==
auction
pg-prebid-server.rubiconproject.com/openrtb2/ 		378 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pg-prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
15c29727e9f1486aecebc3b68deefb8856d230dfbbb9397df8f851741921729a

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://nypost.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
282
Expires
0
bid
krk.kargo.com/api/v2/ 		0
0
prebid
prebid.media.net/rtb/ 		32 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU3I8M1G
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:14 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Mon, 14 Aug 2023 12:50:14 GMT
auction
tlx.3lift.com/header/ 		19 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.39.0&referrer=about%3Ablank&tmax=2000&us_privacy=1---
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.84.197.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-197-253.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:14 GMT
accept-ch
sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
elb.the-ozone-project.com/openrtb2/ 		2 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f695286db3467d5-MIA
content-length
2
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=214337
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d949f880c2bf4ba4269de2cbc96b926bdcbeec069bb3c84d4a2739b823b974b

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fQqEnDS0s03oI2oUroNmH%2B6cCMlJuyfZV8CLX7JUnfZwY7XmArRoNX1ew15V90Xt6jgN8htsMXPrhvXYEBMn9FVOTY0ZND4F7FZOTP5lTLu09LPLIBHUr7MsN3LSF3axMyAliAA"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f695286eadd8da8-MIA
alt-svc
h3=":443"; ma=86400
expires
0
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=185&av=35&wv=7.39.0&bundle=4V2Na19rcEJBN2k4TloyRnhEbmZaRnNRUUJ2N01xZ1ZTalNOJTJGbGN2aE0zcSUyQmF3eUxCM1l0UFhzZ2ElMkZUaEZRVkY3RFFJJTJCUGdIY0UlMkJMT0lYSXlieDdmalRVcUsxQnZvMWxZdks2OExhMTRLVTA3ZlJidE1XVm9HZ2QyTTRtSExMenRsTVkwdlhTT1UxZ3lvaWMwdnl0aUFpWlNnJTNEJTNE&cb=67294853154
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
af9e84f083173346fb137783024b8cfa67eaeb1352bc96128c7ab489b31d51d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:50:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
hbjson
grid.bidswitch.net/ 		25 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.207.44.74 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
74.44.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
622e81c14e0c9cfa75032b9c348ae1f02ef2b4f51720615bdbc758a215693c69

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 14 Aug 2023 12:50:14 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
adreq
ads.servenobid.com/ 		1 KB
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6580
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-173.compute-1.amazonaws.com
Software
/
Resource Hash
b8b4261cf1bd8eaf8791a0af11a4a8de86121340c5d3c3cd42c13fd132d4922b

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:50:14 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d8c0175756611146b215ea900ca&pos=8a969c7d017676f2e531f77e856a00f8&cmd=bid&eidpubcid.org=e27f856b-b396-4c82-98f1-d0573477e720&eidadserver.org=885e676c-3a70-45fe-acfc-e7ad294a43e8&us_privacy=1---
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
7358df789e70a213a5287a06574e2b1894ef96564c58142cf5c67611936609f5

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:50:14 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
content-length
80
prebid
ib.adnxs.com/ut/v3/ 		139 B
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
44f9f59ca2dcdfa34d272a64557c923900bb034101f2b33804cb9c8ad7c75e49
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:14 GMT
an-x-request-uuid
26d224b9-608a-4876-8bcf-83a3468889fd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.69; 38.132.118.69; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
nypost
direct.adsrvr.org/bid/bidder/ 		0
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/nypost
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 12:50:14 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		637 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11076&site_id=26782&zone_id=111194&size_id=57&p_pos=atf&us_privacy=1---&eid_pubcid.org=e27f856b-b396-4c82-98f1-d0573477e720%5E1&tpid_tdid=885e676c-3a70-45fe-acfc-e7ad294a43e8&eid_adserver.org=885e676c-3a70-45fe-acfc-e7ad294a43e8&rf=about%3Ablank&kw=News%2Cfacebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter%2C&tg_v.permutive=74597&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&tg_i.name=nypost.com&tg_i.domain=nypost.com&tg_i.cat=IAB1%2CIAB12%2CIAB17&tg_i.page_type=article&tg_i.testgroup=85&tg_i.pagesection=news&tg_i.pagetype=article&tg_i.pbadslot=%2F5850%2Fpost.desktop%2Fbillb_atf%2Fnews%2Fstories&tg_i.mnrf=1&tg_i.mnrfc=1&tg_i.src=mnrtd&tk_flint=pbjs_lite_v7.39.0&x_source.tid=2cf182cb-561c-4a48-8a07-8fafe8a8139d&l_pb_bid_id=12195c5becc93845&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5850%2Fpost.desktop%2Fbillb_atf%2Fnews%2Fstories&slots=1&rand=0.8082528093604806
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/prebid/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8c30014281fd459c5e888052f831312c821099f401fa63ad62ee6b4e8bf5f477

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:14 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
637
expires
Wed, 17 Sep 1975 21:32:10 GMT
events
bidder.criteo.com/csm/ 		0
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 14 Aug 2023 12:50:14 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixels
ssp-sync.criteo.com/user-sync/ 		690 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4ee031bc19c6c4e64ba59fee2d70f6179ed165daee13f3b77a728423174d253a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dmDVgP18yJTJCWjFiUTFMSlRsRVBIWkxNUHZYMEZZRVdlWk1YOXM5TDJvUnlsb0w3cGclM0Q%26u%3d%24%7bUSER_ID%...
  • https://ssp-sync.criteo.com/user-sync/match?p=mDVgP18yJTJCWjFiUTFMSlRsRVBIWkxNUHZYMEZZRVdlWk1YOXM5TDJvUnlsb0w3cGclM0Q&u=AABFCk7JtEYAACVAbz7Dsg&us_privacy=1---
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=mDVgP18yJTJCWjFiUTFMSlRsRVBIWkxNUHZYMEZZRVdlWk1YOXM5TDJvUnlsb0w3cGclM0Q&u=AABFCk7JtEYAACVAbz7Dsg&us_privacy=1---
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:14 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=mDVgP18yJTJCWjFiUTFMSlRsRVBIWkxNUHZYMEZZRVdlWk1YOXM5TDJvUnlsb0w3cGclM0Q&u=AABFCk7JtEYAACVAbz7Dsg&us_privacy=1---
Date
Mon, 14 Aug 2023 12:50:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=fWg7gF9oUWFCZDJtSmp1VktNaFUwQVgxNmZ4cWdmaHdZOEZRY3pTdkc5Ym5JRXlZJTNE&gdpr=&gdpr_consent=&us_privacy=1---&cr_user_id=k-0QhTtiZmUz-AGAn3HgYorfG9jDu...
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=2ec00d2e-f53c-465e-92d3-2beaa816ca85&gdpr=&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8759a31e-b0b9-4b35-8fbe-32318a0f4a18&ssp=criteo&us_privacy=1---
  • https://ssp-sync.criteo.com/user-sync/match?p=fWg7gF9oUWFCZDJtSmp1VktNaFUwQVgxNmZ4cWdmaHdZOEZRY3pTdkc5Ym5JRXlZJTNE&u=2ec00d2e-f53c-465e-92d3-2beaa816ca85
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=fWg7gF9oUWFCZDJtSmp1VktNaFUwQVgxNmZ4cWdmaHdZOEZRY3pTdkc5Ym5JRXlZJTNE&u=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:14 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

Location
//ssp-sync.criteo.com/user-sync/match?p=fWg7gF9oUWFCZDJtSmp1VktNaFUwQVgxNmZ4cWdmaHdZOEZRY3pTdkc5Ym5JRXlZJTNE&u=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Date
Mon, 14 Aug 2023 12:50:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dWqTgzF8lMkJPTktVbGlxUXZXOWNVbzAlMkZHS3gzVk43Mk00SzVuckUlMkIxUGdud25Sd2MwJTNE%26u%3d%...
  • https://ssp-sync.criteo.com/user-sync/match?p=WqTgzF8lMkJPTktVbGlxUXZXOWNVbzAlMkZHS3gzVk43Mk00SzVuckUlMkIxUGdud25Sd2MwJTNE&u=1fda57ea-2c09-4838-9cc1-26167d51b9d6-tuctbd3a878
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=WqTgzF8lMkJPTktVbGlxUXZXOWNVbzAlMkZHS3gzVk43Mk00SzVuckUlMkIxUGdud25Sd2MwJTNE&u=1fda57ea-2c09-4838-9cc1-26167d51b9d6-tuctbd3a878
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:14 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=WqTgzF8lMkJPTktVbGlxUXZXOWNVbzAlMkZHS3gzVk43Mk00SzVuckUlMkIxUGdud25Sd2MwJTNE&u=1fda57ea-2c09-4838-9cc1-26167d51b9d6-tuctbd3a878
date
Mon, 14 Aug 2023 12:50:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68019
log
hblg.media.net/ 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=arlog&itype=RTD&abte=CONTROL&adt=desktop&cid=8CU3I8M1G&ct=MIAMI&cc=US&ugd=4&pht=1200&pid=&dn=nypost.com&servname=ssp-serving-6446fbb9-5m4rf&svr=1010_326&sc=FL&version=4&vh=1200&vw=1600&vsid=&vid=00001692017393434006462152372511&requrl=about%3Ablank&kwrf=&crid=&dfpDiv=div-gpt-ad-billb_atf&rfc=1&size=&art=15017&dfpadvId=36786095&dfpcmpId=2707512692&dsid=%2F5850%2Fpost.desktop%2Fbillb_atf%2Fnews%2Fstories&olid=5399361314&olitype=&invw=0&isEmp=0&lper=1&pb_analytics=true&utid=07b2f161-d10c-4de2-8ce8-c065950d14d7
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 12:50:15 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 14 Aug 2023 12:50:15 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4141958597509330&correlator=3403066966518030&hxva=1&scor=3311754612847666&eid=31072020%2C31076474%2C31076923%2C31076971&output=ldjh&gdfp_req=1&vrg=202308090102&ptt=17&impl=fifs&us_privacy=1---&iu_parts=5850%2Cpost.desktop%2Cbillb_atf%2Cnews%2Cstories&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C970x250%7C978x250%7C1x1%7C1x11&ifi=10&didk=285960245&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D3f4280495ad59a5b%3AT%3D1692017397%3ART%3D1692017397%3AS%3DALNI_MZC9XQPAcBhlDWr46-lWAg712JVGw&gpic=UID%3D00000d8b043de150%3AT%3D1692017397%3ART%3D1692017397%3AS%3DALNI_MaSNJb9Zze-9rTYeUS3EUmWNcxEdA&abxe=1&dt=1692017416220&lmt=1692053416&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=about%3Ablank&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGskpaHMHGjlTx9iKp01csCH7IBpKRiQHMgL8FkHTHtobh2JVERh7ew%2CAOrYGslpbwfY2AppfG8YmMJcRFFiA6W49HL1khjyGwGG-aP1PTXoNuY1sQ%2CAOrYGsnfjTqzSYEo0WVsGNnQv1El9Xv_eYmFBuKE3ABcmSj6lxJHkHiS203yTUNsxEtbOdXNplCvNXCP4oPSZj9s6REKSaF54wrATI9H_DlXng%2CAOrYGsmuqLGV0BmHdA-EUo7UXre_Q2vEfc1XrNttzAItAUwfIuLKvXQsAQ%2CAOrYGsljAGX7r5k5osXEwwXEblhl2KlIMUORvwDnVraGppIumLY7EDjKf-pWNZTvGiCRpPAs77KphC1xROA6XOhSfrwrGW3pz4x5QhoOBHvc8Q&ga_vid=1624615099.1692017395&ga_sid=1692017398&ga_hid=1381752064&ga_fc=true&dlt=1692017391878&idt=3587&ppid=64da22f22e0b1160c331cf0964da22f22e0b1160c331cf09&prev_scp=amznbid%3D2%26amznp%3D2%26hb_domain%3Dnypost.com%26hb_auction_id%3D474da0f6-d273-4593-9332-f6c96e4b2dc0%26hb_adomain%3Dvivint.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.09%26hb_adid%3D123e4bac13b78017%26hb_bidder%3DindexExchange%26mnadc%3Ddiv-gpt-ad-billb_atf%26mnrf%3D1%26mnrfc%3D1&cust_params=testgroup%3D85%26permutive%3D72374%252C74597%252C135499%252Crts%26puid%3D7e514abc-0a31-4f03-90ca-baace86c2b2a%26ptime%3D1692017395480%26authors%3DFox%2520Business%26page_type%3Darticle%26content%3Dfacebook%252Conlyfans%252Cpinterest%252Csecret-service%252Ctwitch%252Ctwitter%26site%3Dnypost%26dimension54%3Dtrue%26video%3Dnone%26nckey_userGroup%3D2%26hb_test%3Dv3%26prmtvsdk%3Dweb&adks=4085704678
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bee60698904e2d7c6b1810a3fe619fe6f0500e8a32099a425f4ff2fcac49dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12352
x-xss-protection
0
google-lineitem-id
5555742430
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138208987217
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
servt.unrulyvideo.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.unrulyvideo.com/track?pid=603f65a2e291680ef30af9c7&cid=63270a3c111cb340ec60ce24&cb=1692017397376&r=nypost.com&stagid=62af35d851923c62777207b4&stplid=62b08bd1ff25cd1ac30f2fb8&d35=&cd10=622640&e=AV_M3&prbdres=nopos&sn=about%3Ablank
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.157.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-157-77.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:50:26 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pub64ef987b36069aa72999d7903381703d
browser-http-intake.logs.datadoghq.com/v1/input/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tags.knewz.com
URL
https://tags.knewz.com/prod/ncg/cookie.html
Domain
id.geistm.com
URL
https://id.geistm.com/m/OB/KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
Domain
id5-sync.com
URL
https://id5-sync.com/c/164/108/4/6.gif?puid=729e4ab9-4626-4c72-9437-f28f3a88b1bb&gdpr=0&gdpr_consent=
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?source=211945
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e&us_privacy=1---
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspId=1001758&gdpr=0&gdpr_consent=&dspCookie=b5596773-acaf-4032-8f52-9596075f9aeb
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=8978801468337922557
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN4DB0J97z6c5-irA-NhCRI&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=17c778fa-3aa1-11ee-969c-688d4aa15bb1
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JJFC2QTDOIZFUZ2QKNNG65TKGBDFUOKQ
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX_USER_ID&gdpr=0
Domain
cs.media.net
URL
https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d31%26UserId%3dfddb0e4239674cab881846b90d9a1b4b%26DemandPartnerName%3dMediaNet%26tier%3d1%26DemandPartnerUserId%3D%3Cvsid%3E&gdpr=0
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=2&user_id=72e3f5f2-3329-4388-a3c9-21dc461f90f0&expires=3&user_group=1&ssp=pubmatic
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/aax2/apstag.js
Domain
rumcdn.geoedge.be
URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6125384915149995829
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6125384915149995829
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8a39a669-f6cd-41ae-a6c6-5b27ea24ed45&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YWEwdmc3Nkg0b2tSUTY5NVlid2t2cGc5QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=68531A78-C812-44CF-A2C6-1C611A476111&sInitiator=external&gdpr=0&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Domain
elb.the-ozone-project.com
URL
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LLAVGYIH-G-GET7&gdpr=0
Domain
sync-dmp.mobtrakk.com
URL
https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=gumgum2&bsw=2ec00d2e-f53c-465e-92d3-2beaa816ca85
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR%29
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Domain
sync.e-planning.net
URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=9e327913d98873c4&uid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=bRJKq2kUSPx2Fxz6YkAD-2JAHPl2Fhr7Oh9cm08-
Domain
triplelift-match.dotomi.com
URL
https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=5f4a25781db9103b&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent=
Domain
um.simpli.fi
URL
https://um.simpli.fi/triplelift
Domain
us.creativecdn.com
URL
https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent=
Domain
rtb.adentifi.com
URL
https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent=
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
Domain
sync.e-planning.net
URL
https://sync.e-planning.net/um?uid=689661242672352996219&dc=4d76b6ce34af74c9&iss=1
Domain
ghb.spotim.market
URL
https://ghb.spotim.market/geo/
Domain
ghb.spotim.market
URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=13401&pbjsv=v7.37.3&full_page_url=https%3A%2F%2Fnypost.com&adid=avh6p2.ru&features=81952&vpbv=A168&tte=7914&lifecycle_tte=8270
Domain
capi.connatix.com
URL
https://capi.connatix.com/core/us?DemandPartner=37&UserId=fddb0e4239674cab881846b90d9a1b4b&DemandPartnerName=_33Across&tier=1&DemandPartnerUserId=212236466587534
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1694609408%26external_user_id%3D885e676c-3a70-45fe-acfc-e7ad294a43e8
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?xi=120&xu=aGQZVP-FWKlwqApFxMElgCaEdkU
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/aax2/apstag.js
Domain
rumcdn.geoedge.be
URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Domain
capi.connatix.com
URL
https://capi.connatix.com/tr/ucl?v=313598
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=372401555&pcid=fddb0e4239674cab881846b90d9a1b4b
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
cds.connatix.com
URL
https://cds.connatix.com/p/313598/elements.ui.488cf483a75f74c120ac.js
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Domain
ghb.spotim.market
URL
https://ghb.spotim.market/geo/
Domain
ghb.spotim.market
URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=10247&pbjsv=v7.37.3&full_page_url=https%3A%2F%2Fnypost.com&adid=avh7la.ol&features=81952&vpbv=A168&lifecycle_tte=9141
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js
Domain
cms.quantserve.com
URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFXxpHCCwrHOXSzS7Xwkzow&google_cver=1&google_push=AXcoOmRrhoPfPcE43A4n8P_NiWaO-gcd988t6_RBKV4hyy_d_j9sHsQPea3SqDSjuV8XC47szRbZsDjZC7YTuGxSZRTVeKkHEK8
Domain
aep.mxptint.net
URL
https://aep.mxptint.net/sn.ashx?google_gid=CAESELAeyenRoFH5eicNW47cl2k&google_cver=1&google_push=AXcoOmQDEFLxzRvrHwd1MO3PJyhC9THTMnhanvQOn8rFAsbZHKAgVFsdonj_OePIoeu5gZBhu4iH2JGuusz40sphpGsMPNu1Yt4
Domain
um.simpli.fi
URL
https://um.simpli.fi/gp_match?google_gid=CAESEJkR-knP6QpfmjZqg_wPMgM&google_cver=1&google_push=AXcoOmR55fwGfzEpKtGa28L1IO6z1wNjkxAxo8RwWLxB9DZI3aF_3CsFe1aYE_HU5uuW2IAH6NJ-tolmCAiXAgLNG6XBXEuZ3w
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELGlMenRKob86AUbqZdyuT4&google_cver=1&google_push=AXcoOmRxi1iIvlnafs5d2ERsSrJYzapEH6pXoqK28VPPrGpw6R6bUAx5Uq4Tzu2cFqFFNuJw4yhYi_sJBRhLhZ2qK3JJjAFDvK8
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOmgQhqvyupDdlsFagf-AxQ&google_cver=1&google_push=AXcoOmRxqKwO0srLxpONE0EpOZWARypDtk97-rJ7uyZ-kXH_qVaxMuUpH8z4QNypX4nAya-6Ojc1oqqITbWqbL5dHKxQHxTbR4E
Domain
beacon.lynx.cognitivlabs.com
URL
https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEEd2iRSrzD-D3zYIwgJMNUU&google_cver=1&google_push=AXcoOmQiauVikThW-EUbDhvaUhTqNcOSVPNx-qGHmiffYOOCQzPSeDFfgTSzTaFAU8BezPnxokFgSzlLEdy6mVVjVl7900O84iE
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSOu5HAtuxWyB7qv0D3Dcpglu65_2gfMEHWrxAM3S9Sgo6ozCTWqszyumdrAFS2b6BTlDZr7DLWEb7FD5vaA6ge6PBHq9AX&google_gid=CAESEEkVdABWXKoo3ppd2-ksYsY&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KVIfh-ol5jnFzmgjP-zMxdvKoduiRf2aUdeyqcoR7rLIka5v2YcBvj2ZTDQZXDReEV5U4I5SQ
Domain
events-ssc.33across.com
URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=da207630-7672-426b-8b12-90c1b66ab2da
Domain
aa.agkn.com
URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=b0c99a20-e735-4915-8d67-139b3cf8b2a3
Domain
bpi.rtactivate.com
URL
https://bpi.rtactivate.com/tag/?id=50019&user_id=326451a1-7771-40f8-818e-b0184ec64554
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/37274?limit=1&id=8b5f22f8-9d8e-4f05-9dd2-0035276e4036
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/709996.gif
Domain
idpix.media6degrees.com
URL
https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=00e6efd4-b061-57b2-100c-d4e299f36047
Domain
aorta.clickagy.com
URL
https://aorta.clickagy.com/pixel.gif?ch=4&cm=b3c54ebb-fa83-4eca-91b0-0450580c2eb4&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
Domain
rtb.openx.net
URL
https://rtb.openx.net/sync/dds
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=aa3509a2-f3fe-4f03-adc4-07c78fb2e189
Domain
dclk-match.dotomi.com
URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHES9POUH15iq8MhSsAhSV8&google_cver=1&google_push=AXcoOmQutQw3w2bbT6Rfwm8zV4Bq38wqBDnHUHFnTTYnZ_QOk37o5HQrytNoIQXTGXqVJL2gpysSk7knr0zDln-9rddIKlSL4LCx
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEPUWXxKfLaa3QZ7PwrN-ito&google_cver=1&google_push=AXcoOmQNLnPe7Bi-iGUg05DeN2OaUXruBiMPw8-PEw0uCNj8MEuHZXlu4OTzPhj_p2C2454l8yIYy8aQYWynQR5_TbuzctEluGUD&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQNLnPe7Bi-iGUg05DeN2OaUXruBiMPw8-PEw0uCNj8MEuHZXlu4OTzPhj_p2C2454l8yIYy8aQYWynQR5_TbuzctEluGUD%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Domain
aep.mxptint.net
URL
https://aep.mxptint.net/sn.ashx?google_gid=CAESELAeyenRoFH5eicNW47cl2k&google_cver=1&google_push=AXcoOmRYT3FLknlfeZZV-L7WfoUdvil82o6s3EqomkNHkW33NleBAJmAy9kLlJ5xpHNCfIG-Ex-Wnwze7zcjqRILGo2WFKrnSkJ4
Domain
rtb.openx.net
URL
https://rtb.openx.net/sync/dds?google_gid=CAESEKrs3wjNXTWUSLI7Jr9_7jY&google_cver=1&google_push=AXcoOmS62iuND3gFfvpUaQREsILG283BVqt7ClzHnBZgYri3MRLhOVW9rcVPTuEU4tkT6LiukfYcdAjlY8AHgQilpMkYtlKalZtg
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/cma?google_gid=CAESEPZqk2iPNgWd3K8DEkaAXDU&google_cver=1&google_push=AXcoOmQN1WWS0Crb0HpNDtED8tvZTcFismDgeYzWx8J3-p-85n6kw7Fk1v8_V1eoGvu506fiJNgKTeqYshww2RqTbFA2cETtSGX5
Domain
ius.ctnsnet.com
URL
https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEDRZZE2UJHbvnY-r1VQbMbY&google_cver=1&google_push=AXcoOmSqGnWod09TvkAKRbWUkiovSWVrPIYCVhM2Y2L9HAxJizx6IslucN9nqOeu0AytnVwH2Uubb4k92A1NXc7NZyoPjwjzamfH
Domain
an.yandex.ru
URL
https://an.yandex.ru/mapuid/google/CAESEEuE3AmcZstaYxgk2OwnL44?ext-param=AXcoOmQ-u5Os6dWfeRCBYPkTnSl4eMuZ5Hlkp_ru4u2xwla9LoTbMHfQvlB69YmrKjkND3wY2aQkoB7yVPNT3KklNmBlcTQO-lMtwA&partner-tag=yandex_ag&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LTZiZ_7xkVqT6WklIf9icAk5D6HvdK9TWgaNJ7DTKq_qbaTgNYkxQJl6GAx0ZAkywtLFGlj_A
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/420486.gif?partner_uid=68531A78-C812-44CF-A2C6-1C611A476111
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/pwt/160065/3904/pwt.js
Domain
inv-nets.admixer.net
URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadconductor%26bsw_param%3D2ec00d2e-f53c-465e-92d3-2beaa816ca85%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7
Domain
sync.aniview.com
URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=23&key=f0c9e2f4-a0c8-4698-b246-2a0c386809b7
Domain
sync.aniview.com
URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692017406828-939026011029-001222-002-004076&biddername=56&pid=59c9148628a0612da3689288&key=d3b0ff90-af00-45c0-8b53-51476465188b&gdpr_consent=null&gdpr=0
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/fa9f4b3548d146d8b0584acce84c4fec.gif?gdpr=0&gdpr_consent=&us_privacy=1---&coppa=0&puid=1692017406828-939026011029-001222-002-004076&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D57%26pid%3D59c9148628a0612da3689288%26key%3D%7B%24UID%7D
Domain
player.aniview.com
URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Domain
player.aniview.com
URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a1.js
Domain
player.aniview.com
URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a0.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNJa07JLbNkRmPjdnMGNNT-zH3e2hwE5LvyI1tvogz8ut9z3NaVrn6SkffD0BGLG1gZp1P-64TDP0Xcx8ALvoZMLdYdGc3GkHbORyH2AtwCBELAASFDbkCvD7YCuZTs2dhHyMx6ICpTA&sai=AMfl-YRbXXaZnqmeGRxPstG9dk9cVCjUfk3alLtwlNTbx-f2A3Xosd_1z9kudJXjUnIkcKOPyh60sDO_HxLv5zIOhZGD7aLRx_xIWHgcvbf5ROpvngwaSAYqxtdmck2HYxckgp-wST5YwrgPWN6xe8s&sig=Cg0ArKJSzDCbngD3c8ruEAE&cid=CAQSTQBpAlJWSXk1hpRRU9THdP74DO6vW1iiu4zvhCOvsLE8fJAeESVTP_XYHQa4XH1DkPsWhTbJpvDpPHCYbx8t9vhrjZYA-dNxN0ZppGuGGAE&id=lidartos&mcvt=985&p=0,0,250,970&mtos=985,985,985,985,985&tos=985,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4085704678&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1692017398956&rpt=9232&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRAKgicqClN3jNtUooPOoMy0QA0XnBP4btiNlJ3YsUH4lDJgIVwAVJcw7Oc7yHDuttUr1sw232bZe49QPckQwpXOGfE1lip3CJ-CVdZCSP7SXcEZHu&sig=Cg0ArKJSzDnT40BouVAQEAE&id=lidartos&mcvt=8876&p=556,0,563,1&mtos=8876,8876,8876,8876,8876&tos=8876,0,0,0,0&v=20230809&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2584993449&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=b&rst=1692017399051&rpt=1298&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pl.connatix.com
URL
https://pl.connatix.com/
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~llavh0ey&c=4711511821746&slotId=2355755910873&uet=2&ghmsh_eids=44750824%2C44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBIfcapxziZZ0SSmZfaRfecEvShUnIx9JittSvo10nRTCLcDWia9PuYzoR3TqLmOlAIfY_VoTfbj9v6aXI6EGyTonqXMthI3io8uHA6tbY3DOhyEDRS5DrLuG93KmftjkqA-ObR_rTew&sai=AMfl-YRSIuRJrUSPbjvNgdm2YUKY_AdU9a0O1Oq4F7O2h8P4RJoq8-qPZWqdn0wvu_4SZWjOwzfeAVNW-e76nIsyYAtjva5-cswXpqtNOkyKJMWOzleCN5yDp66Fe7G54iqQTTklZerEpjgyXuTi3_E&sig=Cg0ArKJSzA6SQYUMGSKgEAE&cid=CAQSTQBpAlJWSXk1hpRRU9THdP74DO6vW1iiu4zvhCOvsLE8fJAeESVTP_XYHQa4XH1DkPsWhTbJpvDpPHCYbx8t9vhrjZYA-dNxN0ZppGuGGAE&id=lidartos&mcvt=0&p=0,0,600,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2562591345&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1692017398915&rpt=9181&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3uzGtnydaVLz0OH6-oyWszDKV07sRwk5yHkURsrdnpPS_X7s7cevBdBsMNzGrsa9qps0y0YuwqwMvmQss_UzF-v7gaNIDLwjWVK0lISFBLGLZ0PJR&sig=Cg0ArKJSzDkMB3PLN4uyEAE&id=lidartos&mcvt=0&p=2107,1032,2113,1033&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230809&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3896335650&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1692017399099&rpt=4024&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuR3xHmXWBgj4XZD7sOcMGVYaXuPxNWqRS6zNDy9j6Zb2rvYLz4yQRnmwf2ECTNimVKs6RyjeSvy-NHkVkpLp_Mgld_xaShwiFkqR3MIotEMlEkOWUBWJJ00gK-a_1lZzFMagj_VQLcmQ&sai=AMfl-YQHkosz3Pl9Qj3LadYbsFV5T2bsvs-pXso2eQ7KBJxUIMIODYZ2OwltyH_tI-RaxZIGe5kmtJyDAyhkBNqMMtPMis9_4l7Ci9Bzkh7SkwUdq88jA5Mo3Monrmvna_K3jf_MbuVYWvPwgtBT6Ho&sig=Cg0ArKJSzAskEsIjFZBjEAE&cid=CAQSTQBpAlJWSXk1hpRRU9THdP74DO6vW1iiu4zvhCOvsLE8fJAeESVTP_XYHQa4XH1DkPsWhTbJpvDpPHCYbx8t9vhrjZYA-dNxN0ZppGuGGAE&id=lidartos&mcvt=0&p=2801,1032,3401,1332&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2132126583&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1692017399036&rpt=6874&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss07OHgVweoSlkOrTbFG9cM23ByvNrY_AKlS072pLXQFw1tlztByT4glLzVOqoApboze26CluZ6f6Zy8r_Dc5JthUV5PXNuSdkFViG51e3n8Z9EXWhYwXIFjXUPKEZNIIGEdU0K-ZzyFA&sai=AMfl-YQALfFzYdG_ri7RLRHW8T21xQGo3mBp1H2vNOi64S5cUzd65mq_0SEE-iM5d7gYaS5_wr-MPGJGi4C4PqATOZl28SOh9ma_9MRKEhtryzZowk2eBZFb6nUY2gj2Srq_4y6W6zLLxLANUxAo1yc&sig=Cg0ArKJSzDIGgzOBUjzNEAE&cid=CAQSTQBpAlJWSXk1hpRRU9THdP74DO6vW1iiu4zvhCOvsLE8fJAeESVTP_XYHQa4XH1DkPsWhTbJpvDpPHCYbx8t9vhrjZYA-dNxN0ZppGuGGAE&id=lidartos&mcvt=0&p=3970,1032,4570,1332&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=366994245&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1692017398995&rpt=7974&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
csm.va.us.criteo.net
URL
https://csm.va.us.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~1219
Domain
track1.aniview.com
URL
https://track1.aniview.com/track?r=nypost.com&sn=770&cd1=AR_3%23FMS_CP_1&cd2=11741-89554-81574&cd3=5192484&cd4=footer&cd5=11741-89554-81574%2C12756-0-&cd6=undefined&ic=0&tgt=0&app=&wi=728&he=409&test=&d36=6.2.119&apppkg=&fv=3&proto=https&clsid=82397c33-8b72-4724-add7-ecf81adc531d&rando=71
Domain
elb.the-ozone-project.com
URL
https://elb.the-ozone-project.com/cdn-cgi/rum?
Domain
krk.kargo.com
URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22603c7a19-f503-4d8f-b293-802b25959e04%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1692017414191%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2299bba6e7a0158c7%22%3A%22_fomZp7UJsG%22%7D%2C%22bidSizes%22%3A%7B%2299bba6e7a0158c7%22%3A%5B%5B970%2C250%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_fomZp7UJsG%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22e27f856b-b396-4c82-98f1-d0573477e720%22%2C%22tdid%22%3A%22885e676c-3a70-45fe-acfc-e7ad294a43e8%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e27f856b-b396-4c82-98f1-d0573477e720%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22885e676c-3a70-45fe-acfc-e7ad294a43e8%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F5850%2Fpost.desktop%2Fbillb_atf%2Fnews%2Fstories%22%7D%2C%22pbadslot%22%3A%22%2F5850%2Fpost.desktop%2Fbillb_atf%2Fnews%2Fstories%22%2C%22mnrf%22%3A1%2C%22mnrfc%22%3A1%2C%22src%22%3A%22mnrtd%22%7D%2C%22gpid%22%3A%22%2F5850%2Fpost.desktop%2Fbillb_atf%2Fnews%2Fstories%22%2C%22refresh%22%3A%7B%22mnrf%22%3A%221%22%2C%22mnrfc%22%3A1%7D%2C%22tid%22%3A%222cf182cb-561c-4a48-8a07-8fafe8a8139d%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22pos%22%3A1%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-billb_atf%22%2C%22transactionId%22%3A%222cf182cb-561c-4a48-8a07-8fafe8a8139d%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22bidId%22%3A%2299bba6e7a0158c7%22%2C%22bidderRequestId%22%3A%22983efef1b7e9d9%22%2C%22auctionId%22%3A%22474da0f6-d273-4593-9332-f6c96e4b2dc0%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B6.3000030517578125%2C2.1999969482421875%2C0.5999984741210938%5D%2C%22userId.mods.sharedId.init%22%3A%5B6.3000030517578125%5D%2C%22userId.mods.uid2.init%22%3A%5B2.1999969482421875%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.5999984741210938%5D%2C%22userId.init.modules%22%3A%5B14.200004577636719%5D%2C%22userId.callbacks.pending%22%3A%5B5350.400001525879%5D%2C%22userId.mod.callback%22%3A%5B5.099998474121094%2C179.79999542236328%5D%2C%22userId.mods.sharedId.callback%22%3A%5B5.099998474121094%5D%2C%22userId.mods.unifiedId.callback%22%3A%5B179.79999542236328%5D%2C%22userId.callbacks.total%22%3A%5B185.20000457763672%5D%2C%22userId.total%22%3A%5B5561.800003051758%5D%2C%22requestBids.usp%22%3A1.5%2C%22requestBids.userId%22%3A0.5%2C%22requestBids.rtd%22%3A3.1999969482421875%2C%22requestBids.validate%22%3A0.3000030517578125%2C%22requestBids.makeRequests%22%3A6.200004577636719%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A2%2C%22bidderRequestsCount%22%3A2%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F%22%2C%22publisher%22%3A%7B%22domain%22%3A%22%22%7D%2C%22name%22%3A%22nypost.com%22%2C%22domain%22%3A%22nypost.com%22%2C%22keywords%22%3A%22News%2Cfacebook%2Conlyfans%2Cpinterest%2Csecret%20service%2CTwitch%2Ctwitter%22%2C%22cat%22%3A%5B%22IAB1%22%2C%22IAB12%22%2C%22IAB17%22%5D%2C%22page_type%22%3A%22article%22%2C%22testgroup%22%3A%2285%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22pagesection%22%3A%22news%22%2C%22pagetype%22%3A%22article%22%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%2C%22tdID%22%3A%22885e676c-3a70-45fe-acfc-e7ad294a43e8%22%7D%2C%22pageURL%22%3A%22about%3Ablank%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Domain
browser-http-intake.logs.datadoghq.com
URL
https://browser-http-intake.logs.datadoghq.com/v1/input/pub64ef987b36069aa72999d7903381703d?ddsource=browser&ddtags=sdk_version%3A3.8.0

Verdicts & Comments Add Verdict or Comment

452 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| OneTrustStub function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed function| OptanonWrapper object| ga4Dims function| gtag object| dataLayer function| nypGa object| nypScripts string| nypost_screen object| _wpemojiSettings object| tag object| Sailthru object| webpackChunknypost_2016 object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf object| nypAqfer object| jwDatazoomConfig string| usprivacy object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al function| admiral object| googletag object| saasquatch_settings object| sailthru_vars string| ob_id object| OB_element object| OB_elements string| dimension21 function| nypGoogletag object| twemoji object| nypZephr object| zephr object| nypMembership string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| webpackChunknyp_membership function| _ object| core object| cj function| onRecaptchaLoadCallback object| __otccpaooLocation function| 4dm1r11545242527 object| pbjs object| ProgrammaticBidding object| pbjsChunk object| _pbjsGlobals object| mnet object| mnjs string| nobidVersion object| nobid function| FlipboardWidgets object| jwDefaults object| webpackChunkjwplayer function| jwplayer object| nypDataLayer object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| TQ object| __SPOTIM__ object| sharing_js_options undefined| windowOpen object| _stq object| google_conversion_id object| google_custom_params object| google_remarketing_only object| google_tag_data function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| PARSELY object| google_tag_manager boolean| availablePlans number| hits object| initialized number| lastVisit number| sessionLastVisit number| sessionStarted boolean| triggerFlag boolean| startChatFlag number| differenceInHours object| nypSnowplowNamespace function| snowplow object| Optanon object| OneTrust function| noop object| mnjsWebpackJsonp object| rtd object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt undefined| $ function| jQuery function| nypostAdRefresh object| MicroModal object| datazoom function| st_go function| linktracker_init object| wpcom object| __OPEN_WEB__ function| wtAdTracer object| wtStream object| process function| onYouTubeIframeAPIReady object| gaGlobal function| _typeof string| GoogleAnalyticsObject function| ga object| optimizely undefined| fcp object| observerFCP object| observerFID number| lcp object| observerLCP function| handleLCPVisibility function| handleAbandonmentVisibility object| apstag object| PushlySDK function| pushly function| getCookie object| newsId boolean| subscriber object| z_session object| identityArr object| ncgCookie object| permutive string| nypost_dfp_screen object| dfp_ad_slots_desktop object| dfp_ad_slots_mobile object| apsTagSlots boolean| have_ad_slots object| definedSlots object| _comscore object| unruly object| adWrapper function| ncgGetCookie object| ncgId object| ncgSpId object| gaAutId string| hasAmazon object| links object| amazonLinks undefined| gaEventData undefined| amazonGaEvent undefined| currentGaEvent boolean| __bt_already_invoked object| ns_ object| nb object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| SPOTIM string| __OW_ENV__ string| __SPOTIM_ENV__ string| __SPOTIMENV__ string| __SPOTIM_PAGE_VIEW_ID__ object| recaptcha object| closure_lm_5522 object| LI object| __li__evt_bus object| liQ object| liQ_instances object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| _aps boolean| apstagLOADED object| apscustom object| bouncex string| pxSegmentIDs object| c057Data function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI string| __unrulyPageLoadId function| playerApi622640 object| COMSCORE object| ns_p object| MSX6DN2 function| MSX6DN3 object| xop object| -2ia6clendvk object| -11vn7uyeng8w object| gaplugins object| OBR string| OB_releaseVer object| OBREvents function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| ZERG object| ggeac boolean| creativeVendorLibraryLoaded function| _typeof2 function| __liSync object| gaData function| pd_callback object| webpackChunksmart_tag object| json6163575 object| pyGhCB function| pyGhCw object| xblacklist object| Wde8ou2 function| Wde8ou3 function| xblocker undefined| google_measure_js_timing object| closure_lm_512905 object| Criteo function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| closure_lm_514171 object| ox_esp object| bxgraph object| signal_decrypted object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo_identitytag_140 object| __uid2SecureSignalProvider object| __uid2 object| _33across function| positionApi_62af35d851923c62777207b4_1692017396540 function| playerApi_62af35d851923c62777207b4_1692017396540 function| configApi_62af35d851923c62777207b4_1692017396540 function| owActionQueue function| processGoogleToken object| googleToken object| googleIMState object| DD_LOGS object| Zephr function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| aniplayerPos number| google_unique_id function| obApi object| webpackChunkvidget string| OB_VIDEO_VERSION object| OB_VIDEO object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 boolean| DFPMessageEnabled object| webpackChunknotifications function| apiObj function| __SPOTIM_DISABLE_ADS__ object| webpackChunkreactions object| webpackChunkconversation number| _tlTagsPending object| cnx_usr_storage object| webpackChunk function| OutbrainMP object| vdz string| @vsrv function| avPlayer object| storageAni object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval function| webpackJsonpbx5uni724rri object| __vidazooPlayer__ object| vidazoo function| @pizngtdi7qk object| __SPOTIM_DEV_STORE__ function| cnxAddEventListener

406 Cookies

Domain/Path Name / Value
widgets.outbrain.com/nanoWidget/externals/cookie Name: thirdparty
Value: yes
.3lift.com/sync Name: sync
Value: CgoIgAIQk-bioJ8xCgoIgQIQudPioJ8xCgoIhwIQ6aTioJ8xCgkICRDppOKgnzEKCQhJELnT4qCfMQoJCAsQudPioJ8xCgoIiwIQk-bioJ8xCgoIjAIQ6aTioJ8xCgoIzgEQudPioJ8xCgoIjgEQk-bioJ8xCgoIkQIQudPioJ8xCgoIkgIQudPioJ8xCgoIlAIQk-bioJ8xCgoI1gEQk-bioJ8xCgkIGxC50-KgnzEKCgidAhCT5uKgnzEKCgjeARC50-KgnzEKCQhfEOmk4qCfMQoJCB8Q6aTioJ8xCgoIoQEQ6aTioJ8xCgoI4gEQ6aTioJ8xCgoI4wEQk-bioJ8xCgoI5gEQ6aTioJ8xCgoI5wEQk-bioJ8xCgoIrAIQudPioJ8xCgoIrQIQudPioJ8xCgoItAIQ6aTioJ8xCgkIORCT5uKgnzEKCQg6EOmk4qCfMQoKCP8BEJPm4qCfMQ==
i.liadm.com/s Name: _li_ss
Value: CkgKBQgKEOMVCgYI3QEQ5RUKBQgGEOMVCgYIgQEQ4xUKBgiiARDjFQoJCP____8HEO0VCgUICxDjFQoGCIsBEOMVCgYI0gEQ4xU
i6.liadm.com/s Name: _li_ss
Value: CgA
nypost.com/ Name: lux_uid
Value: 169201739259558255
.nypost.com/ Name: blaize_session
Value: f6c37589-c6ba-46fe-bb04-17016bbf28e8
nypost.com/ Name: usprivacy
Value: 1---
nypost.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.nypost.com/ Name: _pubcid
Value: e27f856b-b396-4c82-98f1-d0573477e720
.nypost.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/%22%2C%22sref%22:%22%22%2C%22sts%22:1692017393906%2C%22slts%22:0}
.nypost.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=29d8e12a-bdce-43f1-adac-e50b2e3fff4d%22%2C%22session_count%22:1%2C%22last_session_ts%22:1692017393906}
.nypost.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Mon+Aug+14+2023+02%3A49%3A54+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=6.39.0&hosts=&consentId=8398b51d-42dc-4025-bb54-c5b78cd12848&interactionCount=0&landingPath=https%3A%2F%2Fnypost.com%2F2023%2F04%2F13%2Fsecret-service-tracking-onlyfans-twitch-pinterest-websites%2F&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1%2C5%3A1%2C8%3A1%2C9%3A1%2CC0022%3A1%2CC0012%3A1%2CC0013%3A1%2CC0017%3A1%2CC0020%3A1%2CC0021%3A1%2CC0023%3A1%2CC0024%3A1%2CC0030%3A1%2CC0029%3A1%2CC0033%3A0
.nypost.com/ Name: _nyp_ses.64db
Value: *
.nypost.com/ Name: _nyp_id.64db
Value: .1692017394.1.1692017394..2f9b4024-b327-4809-9fcc-8756fd09ca4d..4e079dc2-eccc-4e7a-814c-604a123deb2a.1692017394233.1
.nypost.com/ Name: _ncg_sp_ses.64db
Value: *
.nypost.com/ Name: _ncg_id_
Value: acced7cc-e7c0-4390-ae29-35396c2349c9
.nypost.com/ Name: _nyp_sp_id_
Value: 28d38bbe-2d06-45f6-882d-062fc6d97b87
.newscgp.com/ Name: sp
Value: b97c6e3e-5d02-4414-bea5-f504d547eb22
.nypost.com/ Name: _li_dcdm_c
Value: .nypost.com
.nypost.com/ Name: _lc2_fpi
Value: 37577191df7a--01h7t1h0vpksc8abk7zsfr004m
.nypost.com/ Name: _ncg_domain_id_
Value: acced7cc-e7c0-4390-ae29-35396c2349c9.1.1692017394312.1755089394312
.spot.im/ Name: device_uuid
Value: a3319bef-f26a-424c-8ba0-adaa5e0ce096
.scorecardresearch.com/ Name: UID
Value: 1ADc7eacd1c46a66366014b1692017394
.nypost.com/ Name: _pnvl
Value: false
.adnxs.com/ Name: uuid2
Value: 6125384915149995829
.nypost.com/ Name: pushly.user_puuid
Value: WdMnnNZo0bcqoyHrBxyklKrpjdvqvcuf
.nypost.com/ Name: _autid
Value: 64da22f22e0b1160c331cf09
.zergnet.com/ Name: seen_crc
Value: %5B3456304996%2C695879188%2C4129535575%2C912481641%2C3016188949%2C797514147%2C2652520250%2C1885613294%2C4090140368%5D
.newscgp.com/ Name: _ncg_g_id_
Value: b97c6e3e-5d02-4414-bea5-f504d547eb22.3.1692017394.1755089394312
.nypost.com/ Name: permutive-id
Value: 7e514abc-0a31-4f03-90ca-baace86c2b2a
.liadm.com/ Name: lidid
Value: 98e88688-0673-4918-b58d-6b26411ac6e7
.nypost.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.nypost.com/ Name: _gid
Value: GA1.2.853817950.1692017395
.nypost.com/ Name: _pnxd
Value: 1624615099.1692017395
.0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co/ Name: pxid
Value: 003da1f0-d678-4da4-ad40-d56ad35df284
.nypost.com/ Name: _ncg_sp_id.64db
Value: acced7cc-e7c0-4390-ae29-35396c2349c9.1692017394.1.1692017395.1692017394.83b0ffdc-e8df-43d1-8c6a-21115ae84f1e
.nypost.com/ Name: _gat
Value: 1
.nypost.com/ Name: _ncg_g_id_
Value: b97c6e3e-5d02-4414-bea5-f504d547eb22.3.1692017394.1755089394312
.outbrain.com/ Name: obuid
Value: 3ebbb7b7-7e3b-46d4-93bf-dc08b9e67ea7
.nypost.com/ Name: _ga
Value: GA1.1.1624615099.1692017395
.amazon-adsystem.com/ Name: ad-id
Value: A7UP8y4bsk7XtonRo1W4Pcg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: icu
Value: ChgI7d40EAoYAiACKAIw9MXopgY4AkACSAIQ9MXopgYYAQ..
.yahoo.com/ Name: A3
Value: d=AQABBPQi2mQCEJGp4I5z6Xvk_TzEPeH_FTwFEgEBAQF022TkZAAAAAAA_eMAAA&S=AQAAAjMDlEahxHw1i2kK-gMU_uM
.media.net/ Name: visitor-id
Value: 3350189961523764000V10
.openx.net/ Name: i
Value: 7fe74507-017e-4d73-bdf3-57f9d8191378|1692017396
.kargo.com/ Name: ktcid
Value: e5d6dfd5-355b-06c0-1e68-3fa724787bfd
.nypost.com/ Name: _awl
Value: 2.1692017395.5-39084ec4010ce635f61c62b40ba176ca-6763652d75732d6561737431-0
.criteo.com/ Name: uid
Value: 43438add-310c-42c6-a606-253d769a587a
.turn.com/ Name: uid
Value: 4086215225291572915
zephr-v4.nypost.com/ Name: AWSALB
Value: nQ4M66CJ9un8ZZehJXiqqcGBwHeQH/k2W1yXbP8RGjD9xg2ZC5SRgQ6bc1AZxg/Hdgoj80mEVaPcFOh2jBjEbKzyD/IuOdOPBov2MUW6Chgs0E0QOfnl8cUtMJ4D
zephr-v4.nypost.com/ Name: AWSALBCORS
Value: nQ4M66CJ9un8ZZehJXiqqcGBwHeQH/k2W1yXbP8RGjD9xg2ZC5SRgQ6bc1AZxg/Hdgoj80mEVaPcFOh2jBjEbKzyD/IuOdOPBov2MUW6Chgs0E0QOfnl8cUtMJ4D
.the-ozone-project.com/ Name: __cf_bm
Value: 2C6FdXuRZ3LulnwWqEGOLVgPN6YK1wz2cjJGkL61JQo-1692017396-0-AVqsI6yYTQw6VuDAtAeUB9IVgTK2OkNu+Lk1lvL0tGFIXDabBu8cLj7qQ12MGc56pkzvhgnU2aXL2gSWKUMDEy8=
.gumgum.com/ Name: vst
Value: u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697
.rezync.com/ Name: zync-uuid
Value: a92192c3-6390-4b70-861a-56d497938f37:1692017396.5221553
.servenobid.com/ Name: cap_908
Value: 10
.servenobid.com/ Name: cap_950
Value: 10
.servenobid.com/ Name: cap_1062
Value: 10
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 190b6527dadd45d4b1a6d4fdc80fcdac
.adsrvr.org/ Name: TDID
Value: 885e676c-3a70-45fe-acfc-e7ad294a43e8
.krxd.net/ Name: _kuid_
Value: PvBJHFtJ
.mathtag.com/ Name: uuid
Value: 068264da-22f4-4000-ba14-d06cfa582d66
.demdex.net/ Name: demdex
Value: 69711565905253048191909689065259585669
.mfadsrvr.com/ Name: tuuid
Value: 8759a31e-b0b9-4b35-8fbe-32318a0f4a18
.mfadsrvr.com/ Name: c
Value: 1692017396
.mfadsrvr.com/ Name: tuuid_lu
Value: 1692017396
.bidswitch.net/ Name: tuuid
Value: 2ec00d2e-f53c-465e-92d3-2beaa816ca85
.bidswitch.net/ Name: c
Value: 1692017396
.bidswitch.net/ Name: tuuid_lu
Value: 1692017396
.agkn.com/ Name: ab
Value: 0001%3AVr3UZul%2BoRmxOTKQ4E9f5g1DK4AU5eKY
.zemanta.com/ Name: obuid
Value: KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
.zemanta.com/ Name: zuid
Value: JJ-Bcr2ZgPSZovj0FZ9P
.sharethrough.com/ Name: stx_user_id
Value: 2e7556fa-d433-4e40-9dcf-8adfe374e481
.addthis.com/ Name: na_id
Value: 2023081412495600069398190731
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 64da22f46ba4d68e
.addthis.com/ Name: ouid
Value: 64da22f400019b2163b592a10b8480798fb0696e3357ae165888
.casalemedia.com/ Name: CMID
Value: ZNoi9Ggn7zBNSI16aEKdmQAA
.casalemedia.com/ Name: CMPS
Value: 3515
.casalemedia.com/ Name: CMPRO
Value: 3515
.nypost.com/ Name: _cc_id
Value: 190b6527dadd45d4b1a6d4fdc80fcdac
.nypost.com/ Name: panoramaId_expiry
Value: 1692103796607
.presage.io/ Name: presage-ssp
Value: %7B%22uuid%22%3A%2292facfc4-3510-4a84-be3c-4a9e5b742301%22%7D
.outbrain.com/ Name: recs_9404a512d418df897f3a01c071cf582c
Value: 2005B5062503531A5255925241A5263404890ACD1
.doubleclick.net/ Name: IDE
Value: AHWqTUmey8-4wFyV8Hnr7nfPnFf8B_Kg9huoioSpdXTQ6LmtADjba8Hww_CFcJbep3k
.im-apps.net/ Name: imid_secure
Value: US_zWFuSSQKb1vOdCmlDog
.im-apps.net/ Name: imid_created_secure
Value: 1692017396
.dpm.demdex.net/ Name: dpm
Value: 69711565905253048191909689065259585669
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzNLSwMDe0MLSwNDY2MjcyFOIz1DUoizTO1vU0iA_McwQAMhuZDCQAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4AAXjpzdJDoWYuXufkcvZShvGCG3sdttMpYVn6EW5ou-gkqPhnhWZlThB8lG0_U6AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzNLSwMDe0MLSwNDY2MjcyFOIz1DUoizTO1vU0iA_McwQAMhuZDCQAAAA
.contextweb.com/ Name: V
Value: 5TsF0pv5gg6c
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 94f7ce013aed5570
nypost.com/ Name: _dd_s
Value: logs=1&id=69cf1d68-417f-42b4-9fad-a51412327b25&created=1692017397033&expire=1692018297033
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZNoi9QAIevMY0AAN
.360yield.com/ Name: tuuid
Value: 9ee49186-746a-4a99-b9ae-326ad01ba3bd
.360yield.com/ Name: tuuid_lu
Value: 1692017397
.deepintent.com/ Name: CDIUSER
Value: di_46728c7c51484919aba18
.technoratimedia.com/ Name: tads_uidp_88
Value: 105292019557171327147
.technoratimedia.com/ Name: tads_uidp_44
Value: LLAQPRKA-1J-5GPH
.technoratimedia.com/ Name: tads_uidp_46
Value: 4758994987981515631
.technoratimedia.com/ Name: tads_uidp_79
Value: 1ec53bc3-e39c-4c90-ae0e-778aed312742
.technoratimedia.com/ Name: tads_uidp_37
Value: 07376320-8906-3598-8b3f-81690e08a1a2
.technoratimedia.com/ Name: tads_uidp_49
Value: AAACB26mzyQ3xQNo9du2AAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: 64595b5b-a4f6-421e-810a-3c8e210fb387
.technoratimedia.com/ Name: tads_uidp_80
Value: y-kEMm_7NE2uGd.uJROVj3KrJ5IEaU63o5~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZNoDwS2LbAbYl1Of5cwC6QAA&3829
.technoratimedia.com/ Name: tads_uidp_50
Value: 9d907732-7c80-491d-a084-2925466bd1eb
.technoratimedia.com/ Name: tads_uidp_61
Value: 212236272823495
.technoratimedia.com/ Name: tads_uidp_62
Value: 3350110091524559000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: OWH0hNtQpfSVVlTt_PJJjH1bnhdcaKeE
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-8d00adb2-b1f1-43ca-92a3-b760a8039a3e-005
.technoratimedia.com/ Name: tads_uid
Value: 2129E09A41B14F3196FBE4892007BDC9
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230812073535+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.3lift.com/ Name: tluid
Value: 689661242672352996219
.nypost.com/ Name: bounceClientVisit2045v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgHYCeEA9iggHQDGFAtkbgAy4ZGsAsRAjJwIoApnQBOwhAFoRYgG4BLOsKkIxAQzoBrBcQDmUisTCkAZuuIpVAdwUI6cKRF0JhE6lOvCARijvD0AhAAGhAxGBAQAF8gA
.bluekai.com/ Name: bku
Value: ikG99wDitZuM9hRq
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-68641954-ff85-58a9-70a8-0a45c4c12580.S3DfmYyocKRvvR6qQowMjMlAmvHxlAC%2BWLaW9uqT39Y
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-68641954-ff85-58a9-70a8-0a45c4c12580.S3DfmYyocKRvvR6qQowMjMlAmvHxlAC%2BWLaW9uqT39Y
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AaGQZVP-FWKlwqApFxMElgCaEdkU.kfZXQioWbxnBR7oQXs7ziZA1DFAW0NAhBQmZUA6Wkts
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AaGQZVP-FWKlwqApFxMElgCaEdkU.kfZXQioWbxnBR7oQXs7ziZA1DFAW0NAhBQmZUA6Wkts
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEjX9IyUCz-LH3myccHSNBQP2Zn5PJKKuv4oZdxfBB7DEHwYBCD1xeimBjABOgShleyOQgQnV8JQ.3dDQziCn3zu%2B7M1uv7gha8uEmYJnyKHrpOdV99PPeog
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEjX9IyUCz-LH3myccHSNBQP2Zn5PJKKuv4oZdxfBB7DEHwYBCD1xeimBjABOgShleyOQgQnV8JQ.3dDQziCn3zu%2B7M1uv7gha8uEmYJnyKHrpOdV99PPeog
.ipredictive.com/ Name: cu
Value: bd84f5ab-78b1-42b1-95ee-05bf6d810cd4|1692017397093
.eyeota.net/ Name: mako_uid
Value: 189f4188dca-551b0000010a5f38
.eyeota.net/ Name: SERVERID
Value: 24376~DM
.pippio.com/ Name: did
Value: sHnYGD-BJtUDJ0rp
.pippio.com/ Name: didts
Value: 1692017397
.pippio.com/ Name: nnls
Value:
.adfarm1.adition.com/ Name: UserID1
Value: 7267159384384272534
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FsW2gptuYxhyhKyyRZxPzPefX6-5B0wfcq25lbaDmnfvmWA-VUvdUgH9PpbyxMSWDRUFVRUYyYhhHOAXnqv7zbV5SrZCI1mdpHNu_Eu3mnE7EJcRhNjfbAkjEYehS3eAhGGwHD-AWzJJGc.ZNoi9Q.l2NXJjgQojQK2lzOTmRYDRjHu-Y
.smartadserver.com/ Name: pid
Value: 8978801468337922557
.creativecdn.com/ Name: ts
Value: 1692017397
.creativecdn.com/ Name: u
Value: nbVMDximHKFhSA45Jmrh
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_12bd8522-3aa1-11ee-a1cc-125335d52042
.rubiconproject.com/ Name: khaos
Value: LLAVGYIH-G-GET7
.company-target.com/ Name: tuuid
Value: 7f3a6ff6-5c0d-4ed7-9bd4-46c2c860ad36
.company-target.com/ Name: tuuid_lu
Value: 1692017397|ix:0
.exelator.com/ Name: EE
Value: "29ad69c47951f47dd7ac7218b02f358b"
.socdm.com/ Name: SOC
Value: ZNoi9cCo8X8AAGiFsigAAAAA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 68531A78-C812-44CF-A2C6-1C611A476111
.openx.net/ Name: univ_id
Value: 537072971|885e676c-3a70-45fe-acfc-e7ad294a43e8|1692017397671631
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHIMjHFzDLZxNzS1DDNxDwlxTwx2dzI0CLJwCjN2NQiaXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQdEl%252BUWb6otDgxUUpaQyLSopPBR%252F5xQMAmIgqWw%253D%253D"
.linkedin.com/ Name: li_sugr
Value: 77df87ea-9b77-4e9f-a267-e06d623381da
.linkedin.com/ Name: bcookie
Value: "v=2&9b775189-e503-4949-8263-c165a1b18361"
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2811:u=1:x=1:i=1692017397:t=1692103797:v=2:sig=AQEWay548XR7US6tx-O8tvcauAQrhKeM"
.bing.com/ Name: MUID
Value: 0E6DB67C217D6B2D3D11A51120616A1D
.c.bing.com/ Name: MR
Value: 0
.nypost.com/ Name: _admrla
Value: 2.2-43a2158bcbd44f90-c33f61f1-3a98-11ee-99a5-18b8fc247e01
.smaato.net/ Name: SCM
Value: 1d2e13731d
.adform.net/ Name: C
Value: 1
.exelator.com/ Name: hsk_1600
Value: "gAAAAAQAAACSKLUv%252FSCSkQQAiKRidWlk2gBAS1FCOHVRRlFEeVRPWmpvWjMyS1pYYWloYmJiZ1BOUzVSRUI1WFc1VHVQcmZzaVZfenVWaUo1LUU2dEJkb3pqUqNoc2ukNjA2OahkZWxpdmVyeaQ2MDY5o3ZlcgGlYm5hbWWnUzIwNE9VVKV0c2Vnc6cyOTQ0NTQ0pWJjb2RlzQZAonRzylPE%252Bgw%253D"
.sitescout.com/ Name: ssi
Value: d6b17afb-b9dc-4997-9b71-8ab66aac7c4f#1692017398037
.quantserve.com/ Name: mc
Value: 64da22f6-1209f-19f23-041a9
.smaato.net/ Name: SCMo
Value: 1d2e13731d
.adform.net/ Name: uid
Value: 7015751175867750616
.nypost.com/ Name: cto_bundle
Value: 4V2Na19rcEJBN2k4TloyRnhEbmZaRnNRUUJ2N01xZ1ZTalNOJTJGbGN2aE0zcSUyQmF3eUxCM1l0UFhzZ2ElMkZUaEZRVkY3RFFJJTJCUGdIY0UlMkJMT0lYSXlieDdmalRVcUsxQnZvMWxZdks2OExhMTRLVTA3ZlJidE1XVm9HZ2QyTTRtSExMenRsTVkwdlhTT1UxZ3lvaWMwdnl0aUFpWlNnJTNEJTNE
.tapad.com/ Name: TapAd_TS
Value: 1692017398324
.tapad.com/ Name: TapAd_DID
Value: 729e4ab9-4626-4c72-9437-f28f3a88b1bb
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005%22%7D
.id5-sync.com/ Name: callback
Value:
.simpli.fi/ Name: suid
Value: 4F94844F4CC4401AB7330777BA793A74
nypost.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22885e676c-3a70-45fe-acfc-e7ad294a43e8%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-07-14T12%3A49%3A58%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4086215225291572915&KRTB&23150-4086215225291572915
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-885e676c-3a70-45fe-acfc-e7ad294a43e8&KRTB&22918-885e676c-3a70-45fe-acfc-e7ad294a43e8&KRTB&23031-885e676c-3a70-45fe-acfc-e7ad294a43e8
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:4F94844F4CC4401AB7330777BA793A74&KRTB&23489-uid:4F94844F4CC4401AB7330777BA793A74
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPTX_oTCFaZXlMlwPLXMozU&KRTB&23025-CAESEPTX_oTCFaZXlMlwPLXMozU&KRTB&23386-CAESEPTX_oTCFaZXlMlwPLXMozU
.the-ozone-project.com/ Name: ozone_uid
Value: 2TyZhLk7EXf7ImTsu5N2FNlayB6
.advertising.com/ Name: A3
Value: d=AQABBPYi2mQCEA2OKGCWogOvkvYzV4FF4osFEgEBAQF022TkZNxH0iMA_eMAAA&S=AQAAAkjN4g6mifwXVvi2M3h0fzE
.nypost.com/ Name: _ga_0DZ7LHF5PZ
Value: GS1.1.1692017395.1.0.1692017398.0.0.0
.bluekai.com/ Name: bkdc
Value: phx
.nypost.com/ Name: __gads
Value: ID=3f4280495ad59a5b:T=1692017397:RT=1692017397:S=ALNI_MZC9XQPAcBhlDWr46-lWAg712JVGw
.nypost.com/ Name: __gpi
Value: UID=00000d8b043de150:T=1692017397:RT=1692017397:S=ALNI_MaSNJb9Zze-9rTYeUS3EUmWNcxEdA
.cdnwidget.com/ Name: __3idcontext
Value: {"cookieID":"2TyZhHp4GYUuwOWfeL39OANSHAn","deviceID":"2TyZhINDIDmhyTKWZ3SFLYGq6d5","iv":"","v":""}
.cdnwidget.com/ Name: __adcontext
Value: {"cookieID":"2TyZhHp4GYUuwOWfeL39OANSHAn","deviceID":"2TyZhINDIDmhyTKWZ3SFLYGq6d5","iv":"","v":""}
.33across.com/ Name: 33x_ps
Value: u%3D212236466587534%3As1%3D1692017398922%3Ats%3D1692017398922
.tynt.com/ Name: uid
Value: 4TyoHmTaIveN5qKLG0JPjw==
.nypost.com/ Name: __idcontext
Value: eyJjb29raWVJRCI6IjJUeVpoSHA0R1lVdXdPV2ZlTDM5T0FOU0hBbiIsImRldmljZUlEIjoiMlR5WmhJTkRJRG1oeVRLV1ozU0ZMWUdxNmQ1IiwiaXYiOiIiLCJ2IjoiIn0%3D
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5436
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.go.sonobi.com/ Name: __uis
Value: 273e4370-6533-4b38-9af5-edc3c5d51bd0
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-232b251a-73f7-38d2-b385-866b557f8a46
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.a-mo.net/ Name: amuid2
Value: 50478a03-0398-43f7-86fc-e8df8347d808
.prebid.a-mo.net/ Name: sd_amuid2
Value: 50478a03-0398-43f7-86fc-e8df8347d808
.yellowblue.io/ Name: wrvUserID
Value: V83JJ1Ctkp_s
.lijit.com/ Name: ljt_reader
Value: HJkhbLZHRtsgZLtNTqiinddP
.adkernel.com/ Name: SSPZ
Value: 181225
.adkernel.com/ Name: DSP2F_63
Value: 546302
.adkernel.com/ Name: DSP2F_40
Value: 578434
.adkernel.com/ Name: DSP2F_59
Value: 629319
.adkernel.com/ Name: DSP2F_61
Value: 632261
.adkernel.com/ Name: ADKUID
Value: A4227443290020297021
.minutemedia-prebid.com/ Name: wrvUserID
Value: E7FJG1ktkp_mm
.sportradarserving.com/ Name: zuuid
Value: 15e7f8ff-07e6-4309-9696-695e3fbea310
.sportradarserving.com/ Name: c
Value: 1692017399
.sportradarserving.com/ Name: zuuid_lu
Value: 1692017399
.admanmedia.com/ Name: admtr
Value: ca97df06-6c9e-4029-8a33-8a416c993787
.smadex.com/ Name: smxtrack
Value: 29c4531c-4349-4322-918b-c6939fbaab19
.smadex.com/ Name: smxbds
Value: 1
nypost.com/ Name: __zephruser
Value: {"hd_metro":"shown:1|rotation:1|converted:0|expired:0"}
.spotim.market/ Name: vmuid
Value: 6727deaf8a61a4e5
.spotim.market/ Name: a271858
Value: 6125384915149995829
.servenobid.com/ Name: pid_351
Value: 2e7556fa-d433-4e40-9dcf-8adfe374e481
.servenobid.com/ Name: pid_324
Value: 969188718189332721
.servenobid.com/ Name: pid_337
Value: y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A
.servenobid.com/ Name: pid_339
Value: y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A
.servenobid.com/ Name: pid_317
Value: 8978801468337922557
.servenobid.com/ Name: pid_353
Value: 3350189961523764000V10
.servenobid.com/ Name: pid_312
Value: 6125384915149995829
.spotim.market/ Name: a290146
Value: y-uHIRbmdE2uF6igFf13hTFan0Fo_yG9kD~A
.w55c.net/ Name: wfivefivec
Value: b7GxuppY1Qvx1d5
.servenobid.com/ Name: pid_332
Value: 273e4370-6533-4b38-9af5-edc3c5d51bd0
.media.net/ Name: data-rk
Value: 969188718189332721~~8
.servenobid.com/ Name: pid_346
Value: ua-232b251a-73f7-38d2-b385-866b557f8a46
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_328
Value: ca97df06-6c9e-4029-8a33-8a416c993787
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1692017399
.media.net/ Name: data-ttd
Value: 885e676c-3a70-45fe-acfc-e7ad294a43e8~~1
.media.net/ Name: data-g
Value: CAESEAd430h0QrBN59qV5xXs-WM~~8
.yieldmo.com/ Name: yieldmo_id
Value: 3miJdzzTTJz59jIHRbNE%7C1691971200000%7C0
.media.net/ Name: data-c
Value: 43438add-310c-42c6-a606-253d769a587a~~1
.media.net/ Name: data-c-ts
Value: 1692017400
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.media.net/ Name: data-mf
Value: 8759a31e-b0b9-4b35-8fbe-32318a0f4a18~~1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.media.net/ Name: data-rbh
Value: nbVMDximHKFhSA45Jmrh~~1
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-ris
Value: {{APID}}~~25
ads.avct.cloud/ Name: uuid
Value: df42ed37-b5c3-41cf-a6a0-9e25fb4c785b
.quantumdex.io/ Name: uid
Value: 3cd234c8-f0a6-446a-8454-6292074b6aa0
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnX3pAYuP7eXQCX9L_CnE45XCwJkMIPL1sCPdDr4DK5h7Qm4hWJmr2QyfIJ5QC4TM1
ads.us.e-planning.net/ Name: CT
Value: 1
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 04899144-0d37-53e2-8a09-f160eed3d398
.betweendigital.com/ Name: ss
Value: 1
.taboola.com/ Name: t_gid
Value: 1fda57ea-2c09-4838-9cc1-26167d51b9d6-tuctbd3a878
.krushmedia.com/ Name: krm_usr
Value: e619a086-6237-43e7-a4c9-07e5deaedcb9
.e-planning.net/ Name: E
Value: ABW-WjS5792nvVMg
.servenobid.com/ Name: pid_310
Value: HJkhbLZHRtsgZLtNTqiinddP
.mookie1.com/ Name: id
Value: 10596758823292913325
.mookie1.com/ Name: mdata
Value: 1|10596758823292913325|1692017400414
.mookie1.com/ Name: ov
Value: 4bc421a1d7ff4b2898852525807931d6
.media.net/ Name: data-co
Value: AAAMuSdE6J2fHANCmUS6AAAAAAA~~8
.csync.loopme.me/ Name: viewer_token
Value: d3b0ff90-af00-45c0-8b53-51476465188b
.mookie1.com/ Name: syncdata_IOW
Value: 1
.pippio.com/ Name: pxrc
Value: CPXF6KYGEgUI9ywQAxIGCIK9KxAA
.servenobid.com/ Name: pid_333
Value: ZNoi9Ggn7zBNSI16aEKdmQAADbsAAAAB
.betweendigital.com/ Name: ut
Value: ZNoi-AAIovDMAuuxCs-k1e2ll1uGvAdw85B9Eg==
.servenobid.com/ Name: pid_352
Value: V83JJ1Ctkp_s
.media.net/ Name: data-xu
Value: b7GxuppY1Qvx1d5~~8
.servenobid.com/ Name: pid_348
Value: E7FJG1ktkp_mm
.bidr.io/ Name: bitoIsSecure
Value: ok
.servenobid.com/ Name: pid_309
Value: u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697
.bidr.io/ Name: bito
Value: AABFCk7JtEYAACVAbz7Dsg
.omnitagjs.com/ Name: ayl_visitor
Value: 319d01586de56a5b586bfe7d7e64dd29
nypost.com/ Name: outbrain_cid_fetch
Value: true
.smaato.net/ Name: SCMtmp1001758
Value: 1d2e13731d
.smaato.net/ Name: SCM1001758
Value: 1d2e13731d
.id5-sync.com/ Name: id5
Value: 4303c446-99c3-7586-b6d2-fb4a5e9f53db#1692017398337#3
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s8582|ZNoi/
.adtelligent.com/ Name: vmuid
Value: 3bb610820602cfe1
.adtelligent.com/ Name: a307682
Value: 3cd234c8-f0a6-446a-8454-6292074b6aa0
.krushmedia.com/ Name: krm_r
Value: 470|489
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_18b61098-0acb-415f-9681-15b73465b2e5
.doubleclick.net/ Name: APC
Value: AfxxVi47r2vWamGkkeeerjLs0wsb6Acw8hl6BeCWtaOvJVEmz3h_5Q
.connatix.com/ Name: cnx_userId
Value: fddb0e4239674cab881846b90d9a1b4b
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMgybzHMEkeANPQjKEAAAAAAA&KRTB&22713-AAAMgybzHMEkeANPQjKEAAAAAAA&KRTB&22715-AAAMgybzHMEkeANPQjKEAAAAAAA
.servenobid.com/ Name: pid_323
Value: LLAVGYIH-G-GET7
.media.net/ Name: data-bs
Value: 2ec00d2e-f53c-465e-92d3-2beaa816ca85~~1
.marketiq.com/ Name: ADK_EX_685
Value: 1
.marketiq.com/ Name: ADKUID
Value: A4227443290020297021
.richaudience.com/ Name: pdid
Value: 8fed1160-b734-44bc-949d-1zz1692017188
.nypost.com/ Name: _pnlspid
Value: 12135
.pubmatic.com/ Name: SyncRTB3
Value: 1692835200%3A63%7C1694563200%3A224%7C1693267200%3A35%7C1693180800%3A264_240_166_233_13_22_99_165_238_176_178_231_104_234_71_250_55_249_96_220_3_81_204_48_54_21_5_56_8_239_214_243_46%7C1697155200%3A69%7C1692576000%3A15_2_223_38
.connatix.com/ Name: perf_timestamp
Value: 1692017404458
.w55c.net/ Name: matchcasale
Value: 5
.teads.tv/ Name: tt_viewer
Value: 72195685-23dd-4447-b1be-acde40b8ab49
.nypost.com/ Name: _pnss
Value: dismissed
.nypost.com/ Name: _pnpdm
Value: true
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI2ODk2NjEyNDI2NzIzNTI5OTYyMTkiLCJleHBpcmVzIjoiMjAyMy0xMS0xMlQxMjo1MDowNVoifX0sImJpcnRoZGF5IjoiMjAyMy0wOC0xNFQxMjo1MDowNVoifQ==
nypost.com/ Name: cnx_userId
Value: fddb0e4239674cab881846b90d9a1b4b
.tremorhub.com/ Name: tvid
Value: ce073d04b8f7443b931f017feaf2089e
.tremorhub.com/ Name: tv_UISCX
Value: fddb0e4239674cab881846b90d9a1b4b
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220230814%22%2C%22142%22%3A%2220230814%22%7D
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1692017399356%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1692017405586%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1692017399356%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1692017405586%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1692017405586%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1692017399356%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1692017405586%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1692017399356%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1692017399356%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1692017405586%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1692017399356%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1692017405586%7D%5D
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7015751175867750616&KRTB&23263-7015751175867750616&KRTB&23481-7015751175867750616
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_46728c7c51484919aba18
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-K2fFfi9hxykwYpMvJDWMLiQ1kywwY5UufGq4dhFk&KRTB&19420-K2fFfi9hxykwYpMvJDWMLiQ1kywwY5UufGq4dhFk&KRTB&22979-K2fFfi9hxykwYpMvJDWMLiQ1kywwY5UufGq4dhFk&KRTB&23403-K2fFfi9hxykwYpMvJDWMLiQ1kywwY5UufGq4dhFk
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-aGQZVP-FWKlwqApFxMElgCaEdkU&KRTB&23334-aGQZVP-FWKlwqApFxMElgCaEdkU&KRTB&23417-aGQZVP-FWKlwqApFxMElgCaEdkU&KRTB&23426-aGQZVP-FWKlwqApFxMElgCaEdkU
.sundaysky.com/ Name: sskyu
Value: d6.c6d18bf56ac3495a947d70c47ef8dd85
.sundaysky.com/ Name: sskyCreationTime
Value: 1692017405709
.resetdigital.co/ Name: ckbk
Value: 00000109DACCAD8C
.colossusssp.com/ Name: gtm_usr
Value: 06bd7121-f814-4f9b-97d4-c7fa7b122477
.colossusssp.com/ Name: lmg_r
Value: 74
.w55c.net/ Name: matchpubmatic
Value: 5
.adnxs.com/ Name: anj
Value: dTM7k!M4.gE:2jUF']wIg2ImRvw4f#!@wnfH8K6pQK`!5=E<*L5?%Lz/yU[81(W6%='ZZ7bzZ@ag57Hs:/`Sb*]*KZ*bpRz*r>.H_E'EQ:-V<9h00XY=X:6BRNuWp24t/-%s^quQarta!(WuFftHHE
.adgrx.com/ Name: ADGRX_UID
Value: 17c778fa-3aa1-11ee-969c-688d4aa15bb1
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:b7GxuppY1Qvx1d5&KRTB&23421-uid:b7GxuppY1Qvx1d5
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-4976a760-2c51-4709-ab97-9734bb064b72&KRTB&23340-4976a760-2c51-4709-ab97-9734bb064b72&KRTB&23498-4976a760-2c51-4709-ab97-9734bb064b72
.servenobid.com/ Name: pid_327
Value: 50478a03-0398-43f7-86fc-e8df8347d808
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 85c94525-fdfb-449f-a906-966f89f4c667
.pubmatic.com/ Name: DPSync3
Value: 1693180800%3A259_258_261_228_226_219_260_262_235_256_197_201_263_236_245%7C1692576000%3A252_265_253_164%7C1692057600%3A255_248%7C1693008000%3A257
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY5MjAxNzQwNTYzMywiMjYiOjE2OTIwMTc0MDYxNDAsIjM5IjoxNjkyMDE3NDAwOTAxLCI3IjoxNjkyMDE3NDAwOTAxLCI4MSI6MTY5MjAxNzM5ODI3NCwiNzAiOjE2OTIwMTc0MDA5MDF9
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-17c778fa-3aa1-11ee-969c-688d4aa15bb1&KRTB&23275-17c778fa-3aa1-11ee-969c-688d4aa15bb1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6125384915149995829&KRTB&23339-6125384915149995829
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13MOw6CUBRF0ZDYUlE4imfu593PYTYoYUCWlJSUDMMhWWmDGMpV7L01LTuEOCp5Mr3_XINzvexWfIlnFwOEIQ8trqBS70ElnYdiPlYENCeN_hf5zUTYTOfuODksl5Nf18MQkw86zgjomgAAAA
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553&KRTB&23418-d6b17afb-b9dc-4997-9b71-8ab66aac7c4f-64da22f6-5553
.pubmatic.com/ Name: KRTBCOOKIE_964
Value: 20918-cuid_12bd8522-3aa1-11ee-a1cc-125335d52042&KRTB&23354-cuid_12bd8522-3aa1-11ee-a1cc-125335d52042&KRTB&23415-cuid_12bd8522-3aa1-11ee-a1cc-125335d52042&KRTB&23422-cuid_12bd8522-3aa1-11ee-a1cc-125335d52042
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-969188718189332721
.bfmio.com/ Name: __187_cid
Value: 68531A78-C812-44CF-A2C6-1C611A476111
.bfmio.com/ Name: __io_cid
Value: 50148c8628af7e4ea9be23ffd4806bea71776f9f
.aniview.com/ Name: aniC
Value: 1692017406828-939026011029-001222-002-004076
.pswec.com/ Name: tuuid
Value: 72e3f5f2-3329-4388-a3c9-21dc461f90f0
.pswec.com/ Name: c
Value: 1692017407
.ctnsnet.com/ Name: cid
Value: 070766d5b6024d57be3bf3175c375e95
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CAB_10765A342_12CAFEAE&KRTB&23092-R35CAB_10765A342_12CAFEAE
.acuityplatform.com/ Name: auid
Value: 813726672749
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.smartadserver.com/ Name: csync
Value: 22:7015751175867750616|49:7267159384384272534|79:43438add-310c-42c6-a606-253d769a587a|111:ID5-632bhOSjupo1vdRoNINUp-sxGbreZvcK_wvnbh0_cg|116:JJ-Bcr2ZgPSZovj0FZ9P|127:AABFCk7JtEYAACVAbz7Dsg
ads.playground.xyz/ Name: connect.sid
Value: s%3A_jB7pL16NSu1VrQd2FycjU-WYEDQ-flA.8LDZeNWBzpHo7rDhx%2BJAlAbMD2veqju9kmRvBHiwZ4Q
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7453038071703537949P
.owneriq.net/ Name: pmc
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-813726672749&KRTB&23428-813726672749
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-68531A78-C812-44CF-A2C6-1C611A476111&KRTB&23413-68531A78-C812-44CF-A2C6-1C611A476111&KRTB&23479-68531A78-C812-44CF-A2C6-1C611A476111&KRTB&23505-68531A78-C812-44CF-A2C6-1C611A476111
.spotim.market/ Name: a281178
Value: 68531A78-C812-44CF-A2C6-1C611A476111
io.narrative.io/ Name: io.narrative.guid.v2
Value: 18b736b0-3aa1-11ee-a591-0a3986670f6f
.inmobi.com/ Name: idsp_c
Value: cad42cac-631a-45c5-8985-91c07a63aac8
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRH0DCy+CmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUR9Awsvgo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.servenobid.com/ Name: pid_316
Value: 68531A78-C812-44CF-A2C6-1C611A476111
.adx.opera.com/ Name: UID
Value: OPUa9d32a8716fc4cd59006943d3734bedb
.adsby.bidtheatre.com/ Name: __kuid
Value: 8a39a669-f6cd-41ae-a6c6-5b27ea24ed45.461231407
.c.appier.net/ Name: _auid
Value: CCqSsgrGBoOSKSzh_yLaZA
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-CCqSsgrGBoOSKSzh_yLaZA
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-bd84f5ab-78b1-42b1-95ee-05bf6d810cd4&KRTB&23011-bd84f5ab-78b1-42b1-95ee-05bf6d810cd4&KRTB&23355-bd84f5ab-78b1-42b1-95ee-05bf6d810cd4
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005&KRTB&17107-RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005
.outbrain.com/ Name: recs
Value: D1
.outbrain.com/ Name: obsessionid-p770
Value: 0516ccbb-2895-e51b-0000-0189f41886c6|12218|1
.onaudience.com/ Name: cookie
Value: 07c40deed3961894
.onaudience.com/ Name: done_redirects147
Value: 1
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcIEtUVeNl6H/aS5Bv7H1ouoxdnNVF8ci157halKj1x5sUcbUm4xnjwALBZMIFgq3G9ymPvo8plePx63vS4r7n45c8p30O+KFTfxXSTExHpjkV9byk9TjXUW
.audrte.com/ Name: arcki2
Value: aa0vg76H4okRQ695Ybwkvpg9A!20220908!1692017407961!ip#38.132.118.69
.audrte.com/ Name: arcki2_pubmatic
Value: 68531A78-C812-44CF-A2C6-1C611A476111!20220908!1692017407964
.semasio.net/ Name: SEUNCY
Value: 293454FD82C3EA98
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABFCk7JtEYAACVAbz7Dsg
.pubmatic.com/ Name: PugT
Value: 1692001368
.openx.net/ Name: pd
Value: v2|1692017396.1.11|vPvMgakWgy.iKbwhEgKg2.wvmmuYwDwtvJeSwrf8wi
.rlcdn.com/ Name: rlas3
Value: IvB7h+qi3QGEm24omXfn7ac0Yy6mpXRaRLHtF5Xmq+Q=
.pswec.com/ Name: tuuid_lu
Value: 1692017408
.thrtle.com/ Name: mc
Value: eyJpZCI6ImRlNzY1YzNhLTkyZTQtNGNjZS1iYzQxLTU0N2ExYzBlOGM1MyIsImwiOjE2OTIwMTc0MDgyMzAsInQiOjF9
.sundaysky.com/ Name: sskya
Value: "e2N4Ont0czoiM3o0dWJrIix0OiJuaSJ9fQ=="
.pubmatic.com/ Name: SPugT
Value: 1692017408
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 25
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIkOLX89-zjjwQBRIWCgdydWJpY29uEgsI0OXQ_d-zjjwQBRIWCgdzdng5dDUwEgsI-Nv6_t-zjjwQBRIUCgV0YXBhZBILCM7HlIDgs448EAUSEwoEa3J1eBILCPz7h4bgs448EAUYASABKAIyCwjKxOSM97OOPBAFOAFaB3hrc3c5bGFgAg..
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: ZTT4jp1Pu8
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJrYXJnbyI6eyJ1aWQiOiIwYjQwNGQ0NC0xZWYwLTA4Y2EtMTI0Zi1mYjNkYzJlNzUwZGYiLCJleHBpcmVzIjoiMjAyMy0wOC0yOFQxMjo0OTo1OS45MDk0MDQ3NjRaIiwic291cmNlIjoiY29va2llIn0sInJ1Ymljb24iOnsidWlkIjoiTExBVkdZSUgtRy1HRVQ3IiwiZXhwaXJlcyI6IjIwMjMtMDgtMjhUMTI6NTA6MDguNzg2MzIyOTE5WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJzaGFyZXRocm91Z2giOnsidWlkIjoiMmU3NTU2ZmEtZDQzMy00ZTQwLTlkY2YtOGFkZmUzNzRlNDgxIiwiZXhwaXJlcyI6IjIwMjMtMDgtMjhUMTI6NTA6MDUuNDk3MjQ4OTM4WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJzbWFydCI6eyJ1aWQiOiI4OTc4ODAxNDY4MzM3OTIyNTU3IiwiZXhwaXJlcyI6IjIwMjMtMDgtMjhUMTI6NTA6MDEuNjA2MDg5NTFaIiwic291cmNlIjoiY29va2llIn19LCJiZGF5IjoiMjAyMy0wOC0xNFQxMjo0OTo1OS45MDk0MDE0MzRaIn0=
.quantserve.com/ Name: d
Value: EFkBIgHaKYEO-TC_vLEKyb0Qupgg
.w55c.net/ Name: matchtriplelift
Value: 5
.dotomi.com/ Name: DotomiTest
Value: 33aa1c91124021b6
.rlcdn.com/ Name: pxrc
Value: CPTF6KYGEgUI6AcQABIFCOhHEAASBgi66gEQCRIGCMLqARAMEgYIuOsBEAE=
.tribalfusion.com/ Name: ANON_ID
Value: ainyfbt3er66AxvPBVpBowAmrZdZaHYtVfmQ9iPLuTM3ZbafZaTtZbFwUKyRGa6VUj21wRl4nEZa4fPWNCdm9Zbec4jOOBisc5xnrZbspfQJ69PotuArsQrIZbW5SLZdLME0UAR1cirtpMJ8ymY5ua7BaBSy7X
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8473adf2-1b89-4704-a0af-ee0cafa92d52-005%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692017406828-939026011029-001222-002-004076%26biddername%3D200%26key%3D%5BRX_UUID%5D%22%2C%22zdxidn%22%3A%222069.29%22%7D
beacon.lynx.cognitivlabs.com/ Name: ss
Value: SSjwk1WncLevEA8XESjIQxTVAxfG69sNIMTZfJgU6URzqL0%2BlZc%2FthKtfaxoiup0WVRXVdNUsdEYqL5NcVavA5lkp8%2FmjKgENzF23MKx4G8%3D
.contextweb.com/ Name: ccpa
Value: 1---
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ma7|2N.0.AAAMuSdE6J2eqwM2r_QWAAAAAAA|7dN.0.AABFCk7JtEYAACVAbz7Dsg|4is.0.CAESENgf9zI1fhutulcPNK82ZsE|7Xz.0.1|7TY.0|8jz.0.1|3oy.0|7bq.0.1|8nK.0.1|8jE.0.1|8nM.0.1|8i8.0.1
.mxptint.net/ Name: mxpim
Value: R35CAB_10765A342_12CAFEAE.1.64DA23000000000064DA22FD
.ctnsnet.com/ Name: gid_CAESEDRZZE2UJHbvnY-r1VQbMbY
Value: 1
.id5-sync.com/ Name: 3pi
Value: 164#1692017398589#-1360189313|264#1692017400863#1886356787#885e676c-3a70-45fe-acfc-e7ad294a43e8|441#1692017399824#-1404641521#u_86675a2e-1fa3-4d4a-8df3-7774f2fc0697|203#1692017404281#-1122675916#43438add-310c-42c6-a606-253d769a587a|108#1692017409009#1477644135|429#1692017406482#-1953999883#68531A78-C812-44CF-A2C6-1C611A476111
.id5-sync.com/ Name: cf
Value: gif
.id5-sync.com/ Name: cip
Value: 164
.id5-sync.com/ Name: cnac
Value: 3
.id5-sync.com/ Name: car
Value: 7
.id5-sync.com/ Name: gdpr
Value: 0|
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2dcc:195n~2dcc:18za~2dcc:18z8~2dcc:190u~2dcc:175w~2dcc:18yl~2dcc:1967~2dcc"
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1692039009156
.aniview.com/ Name: 1_C_3
Value: 2129E09A41B14F3196FBE4892007BDC9
sync.aniview.com/ Name: 1_C_3
Value: 2129E09A41B14F3196FBE4892007BDC9
.aniview.com/ Name: 1_C_10
Value: 5TsF0pv5gg6c
sync.aniview.com/ Name: 1_C_10
Value: 5TsF0pv5gg6c
.aniview.com/ Name: 1_C_9
Value: a8558a898a7f1d459a56776b82e5d936
sync.aniview.com/ Name: 1_C_9
Value: a8558a898a7f1d459a56776b82e5d936
.aniview.com/ Name: 1_C_78
Value: y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A
sync.aniview.com/ Name: 1_C_78
Value: y-ka0IJ91E2uEn8mIOLyAuUA.dc8QajnFTWDzb2vs-~A
.aniview.com/ Name: 1_C_52
Value: ua-232b251a-73f7-38d2-b385-866b557f8a46
sync.aniview.com/ Name: 1_C_52
Value: ua-232b251a-73f7-38d2-b385-866b557f8a46
.aniview.com/ Name: 1_C_22
Value: 9ee49186-746a-4a99-b9ae-326ad01ba3bd
sync.aniview.com/ Name: 1_C_22
Value: 9ee49186-746a-4a99-b9ae-326ad01ba3bd
.aniview.com/ Name: 1_C_18
Value: HJkhbLZHRtsgZLtNTqiinddP
sync.aniview.com/ Name: 1_C_18
Value: HJkhbLZHRtsgZLtNTqiinddP
.richaudience.com/ Name: avcid-sma-uid
Value: 8978801468337922557
.nypost.com/ Name: spotim_visitId
Value: {%22visitId%22:%22a3319bef-f26a-424c-8ba0-adaa5e0ce096%22%2C%22creationDate%22:%22Mon%20Aug%2014%202023%2002:49:56%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)%22%2C%22duration%22:14}
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiNjEyNTM4NDkxNTE0OTk5NTgyOSIsImV4cGlyZXMiOiIyMDIzLTA4LTI4VDEyOjUwOjA5LjgxMzA2OTU2NVoifSwicnViaWNvbiI6eyJ1aWQiOiJMTEFWR1lJSC1HLUdFVDciLCJleHBpcmVzIjoiMjAyMy0wOC0yOFQxMjo0OTo1Ni45Mjg1MDA2WiJ9LCJ1bnJ1bHkiOnsidWlkIjoiUlgtODQ3M2FkZjItMWI4OS00NzA0LWEwYWYtZWUwY2FmYTkyZDUyLTAwNSIsImV4cGlyZXMiOiIyMDIzLTA4LTI4VDEyOjQ5OjU4LjUxNDg2OTQxOFoifSwia2FyZ28iOnsidWlkIjoiMGI0MDRkNDQtMWVmMC0wOGNhLTEyNGYtZmIzZGMyZTc1MGRmIiwiZXhwaXJlcyI6IjIwMjMtMDgtMjhUMTI6NTA6MTAuMDU4MDIzNDc2WiJ9LCIzM2Fjcm9zcyI6eyJ1aWQiOiIyMTIyMzY0NjY1ODc1MzQiLCJleHBpcmVzIjoiMjAyMy0wOC0yOFQxMjo1MDowMC41MjgxOTUyMTdaIn19fQ==
.spot.im/ Name: access_token
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfa2JHakNidEdISXNjIiwiZGlzcGxheV9uYW1lIjoiUmVkQ29ja3RhaWwiLCJ1c2VyX25hbWUiOiJSZWRDb2NrdGFpbCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNSZWQtQ29ja3RhaWwiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjkyMDE3Mzk4LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwODE0NWRKWDAwLjBhYWI0MDk1NzAzMzg0NTczNGRlY2MyZmU5MTNlZTgyNGQ2ZWZiMGRmNTZlNTI5MzQxNDNlNTA4MzNmNjJjMjYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOEp3V2NuYjFyWTg2QnFQSjlZdFQiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzIwNDM5Mzk4LCJzdWIiOiJ1X2tiR2pDYnRHSElzYyJ9.5Jcs78xQbo06Bo6LVlcfOO9evTO49Bfow2cswiwWfcQ
elb.the-ozone-project.com/ Name: AWSALBTGCORS
Value: ky8bhw2IqFrmYiv4nCrd6M1Qe5DoackiIzb6hSD/lGWCmgrOCjJMLJy0qAWfWX28T87GHp7EuwU7qZRhYdxx6Yf02htTJBrnLFVR3Zgd+ETS3b+A6UrNOnsoWvt8YjVo1O7LtJmjmFnY4eYTjm7AVTcim2q3OkGZiRWhUs+Ih/mzVq6kAhM=
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1692017414!triplelift,1692017408!minutemedia,1692017400!medianet,1692017399!outbrain,1692017396

22 Console Messages

Source Level URL
Text
network error URL: https://zephr-v4.nypost.com/blaize/datalayer
Message:
Failed to load resource: the server responded with a status of 401 ()
rendering warning URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5(Line 9)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security error URL: https://us.tags.newscgp.com/prod/ncg/ncg.js(Line 3)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.ncaudienceexchange.com') does not match the recipient window's origin ('https://nypost.com').
security error URL: https://us.tags.newscgp.com/prod/ncg/ncg.js(Line 3)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://tags.knewz.com') does not match the recipient window's origin ('null').
security warning URL: https://tagan.adlightning.com/nc-nypost/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://api.nypdev.com/cdp/zephr/content/flyout?gaClientId=1624615099.1692017395
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.geistm.com/m/OB/KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=5TsF0pv5gg6c&obUid=KQB8uQFQDyTOZjoZ32KZXaihbbbgPNS5REB5XW5TuPrfsiV_zuViJ5-E6tBdozjR&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&ev=1&us_privacy=${us_privacy}&pid=562709
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2068531A78-C812-44CF-A2C6-1C611A476111&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://sync.search.spotxchange.com/partner?source=211945
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning URL: https://tagan.adlightning.com/nc-nypost/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/nc-nypost/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://di.rlcdn.com/710530.gif
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id5-sync.com/k/155.gif?puid=AACrE07JtEYAACl9xk287Q&id5AccountNum=155&numCascadesAllowed=9
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=9e327913d98873c4
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN4DB0J97z6c5-irA-NhCRI&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3dfddb0e4239674cab881846b90d9a1b4b%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX_USER_ID&gdpr=0
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://nypost.com/2023/04/13/secret-service-tracking-onlyfans-twitch-pinterest-websites/
Message:
Refused to execute script from 'https://id.rlcdn.com/712202.gif?cparams=fddb0e4239674cab881846b90d9a1b4b&gdpr=0' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors nypost.com decider.com pagesix.com *.nypost.com *.decider.com *.pagesix.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co
0edf596e832eaa823c8ae8874f5e6aeb.safeframe.googlesyndication.com
33across-match.dotomi.com
a.sportradarserving.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.us.e-planning.net
ads.yieldmo.com
adservice.google.com
aep.mxptint.net
ajax.googleapis.com
ak.sail-horizon.com
ampcid.google.com
amplify.outbrain.com
an.yandex.ru
aniview-diag-server.1rx.io
aorta.clickagy.com
ap.lijit.com
api-2-0.spot.im
api.btloader.com
api.nypdev.com
api.permutive.com
assets-jpcust.jwpsrv.com
assets.a-mo.net
assets.bounceexchange.com
b-code.liadm.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
broker.datazoom.io
browser-http-intake.logs.datadoghq.com
btloader.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c21lg-d.media.net
c2shb.ssp.yahoo.com
capi.connatix.com
casale-match.dotomi.com
cd.connatix.com
cdn-ima.33across.com
cdn.cookielaw.org
cdn.flipboard.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.p-n.io
cdn.parsely.com
cdn.permutive.com
cdn.prod.uidapi.com
cdn.speedcurve.com
cdn.watchingthat.net
cds.connatix.com
ce.lijit.com
cks.connatix.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.rtbsystem.com
cm.smadex.com
cms.quantserve.com
connatix-supply-partners.tremorhub.com
contextual.media.net
cookies.nextmillmedia.com
core.iprom.net
crb.kargo.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
cs.yellowblue.io
csi.gstatic.com
csm.va.us.criteo.net
csync.loopme.me
d.adroll.com
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
data.cdnbasket.net
dclk-match.dotomi.com
de.tynt.com
decider.com
di.rlcdn.com
direct-events-collector.spot.im
direct.adsrvr.org
dis.criteo.com
dmp.adblade.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
elb.the-ozone-project.com
entitlements.jwplayer.com
esp.rtbhouse.com
eus.rubiconproject.com
eventlog.outbrain.com
events-ssc.33across.com
events.bouncex.net
fastlane.rubiconproject.com
fonts.gstatic.com
g2.gumgum.com
geolocation.onetrust.com
ghb.spotim.market
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hblg.media.net
hbx.media.net
hde.tynt.com
htlb.casalemedia.com
i.ctnsnet.com
i.e-planning.net
i.liadm.com
i6.liadm.com
ib.3lift.com
ib.adnxs.com
ice.360yield.com
id.geistm.com
id.rlcdn.com
id5-sync.com
idpix.media6degrees.com
idr.cdnwidget.com
ids.cdnwidget.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.outbrainimg.com
imasdk.googleapis.com
ins.connatix.com
inv-nets.admixer.net
invstatic101.creativecdn.com
io.narrative.io
ipac.ctnsnet.com
ius.ctnsnet.com
js-sec.indexww.com
k.p-n.io
krk.kargo.com
launcher.spot.im
libs.outbrain.com
live.rezync.com
loadus.exelator.com
ls.skimresources.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
maxcdn.bootstrapcdn.com
mcdp-nydc1.outbrain.com
media.sailthru.com
medianet-match.dotomi.com
metrics-logger.spot.im
ms-cookie-sync.presage.io
mug.criteo.com
mv.outbrain.com
mweb.ck.inmobi.com
nypost-com.videoplayerhub.com
nypost.com
oa.openxcdn.net
oajs.openx.net
observe.aniview.com
odr.mookie1.com
onetag-sys.com
open-api.spot.im
p.astarcdn.com
p.jcontentcdn.com
p.rfihub.com
p.skimresources.com
p.typekit.net
p1.parsely.com
page.cdnbasket.net
pagead2.googlesyndication.com
pagesix.com
partners.tremorhub.com
pg-prebid-server.rubiconproject.com
ping-meta-prd.jwpltx.com
pippio.com
pix.cdnwidget.com
pix.spot.im
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixel.wp.com
pl.connatix.com
platform.datazoom.io
player.adtelligent.com
player.aniview.com
player.spotim.market
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
ps.eyeota.net
public.servenobid.com
publisher-assets.spot.im
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.casalemedia.com
r.skimresources.com
rebelhen.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.marketiq.com
rumcdn.geoedge.be
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.e-planning.net
s.skimresources.com
s.tribalfusion.com
s0.2mdn.net
sac.nypost.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
segment-data.zqtk.net
server3.vidazoo.com
servt.unrulyvideo.com
simage2.pubmatic.com
simage4.pubmatic.com
sli.nypost.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl.p.jwpcdn.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static-cdn.spot.im
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
static.vidazoo.com
stats.g.doubleclick.net
stats.wp.com
storage.googleapis.com
sync-dmp.mobtrakk.com
sync-jp.im-apps.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.adtelligent.com
sync.aniview.com
sync.bfmio.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.quantumdex.io
sync.resetdigital.co
sync.richaudience.com
sync.search.spotxchange.com
sync.spotim.market
sync.springserve.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.nypost.com
t.skimresources.com
tag.bounceexchange.com
tagan.adlightning.com
tags.barrons.com
tags.crwdcntrl.net
tags.decider.com
tags.knewz.com
tags.mansionglobal.com
tags.marketwatch.com
tags.nypost.com
tags.pagesix.com
tags.penews.com
tags.realtor.com
tags.wsj.com
targeting.unrulymedia.com
tg.socdm.com
tg1.unrulyvideo.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.outbrain.com
trace.mediago.io
track1.aniview.com
triplelift-match.dotomi.com
u-iad04.e-planning.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
us.q2s15.com
us.tags.newscgp.com
us01.z.antigena.com
use.typekit.net
usermatch.krxd.net
usersync.gumgum.com
v2.pixel.newscgp.com
vid.connatix.com
vid.vidoomy.com
video.unrulymedia.com
videos-cloudfront-usp.jwpsrv.com
view.cdnbasket.net
visitor.omnitagjs.com
vop.sundaysky.com
warp.media.net
wave.outbrain.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ncaudienceexchange.com
www.zergnet.com
x.bidswitch.net
x.dlx.addthis.com
zephr-v4.nypost.com
a.tribalfusion.com
aa.agkn.com
ads.pubmatic.com
aep.mxptint.net
an.yandex.ru
aorta.clickagy.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bpi.rtactivate.com
browser-http-intake.logs.datadoghq.com
c.amazon-adsystem.com
capi.connatix.com
cds.connatix.com
cm.g.doubleclick.net
cms.quantserve.com
cs.admanmedia.com
cs.media.net
csi.gstatic.com
csm.va.us.criteo.net
dclk-match.dotomi.com
dmp.brand-display.com
dsum-sec.casalemedia.com
eb2.3lift.com
elb.the-ozone-project.com
eus.rubiconproject.com
events-ssc.33across.com
ghb.spotim.market
ib.adnxs.com
id.geistm.com
id.rlcdn.com
id5-sync.com
idpix.media6degrees.com
idsync.rlcdn.com
image8.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
ius.ctnsnet.com
krk.kargo.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.tapad.com
pl.connatix.com
player.aniview.com
pm.w55c.net
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rumcdn.geoedge.be
s.ad.smaato.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.aniview.com
sync.e-planning.net
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
t.adx.opera.com
tags.knewz.com
track1.aniview.com
triplelift-match.dotomi.com
uipglob.semasio.net
um.simpli.fi
us.creativecdn.com
usersync.gumgum.com
x.bidswitch.net
104.126.112.185
104.126.112.26
104.126.114.69
104.126.116.66
104.18.0.32
104.18.1.32
104.18.10.47
104.18.11.47
104.18.24.185
104.18.25.112
104.18.6.50
104.19.150.54
104.36.115.113
107.178.254.65
108.138.106.17
108.138.106.37
108.138.107.138
108.138.128.34
108.138.128.37
108.138.128.91
108.139.29.120
108.139.29.97
108.139.54.32
124.146.215.52
13.225.214.57
13.225.223.23
13.225.63.10
13.225.63.36
13.225.63.91
13.226.34.38
13.35.93.126
13.35.93.5
130.211.23.194
141.226.224.48
142.250.80.66
142.251.35.162
142.251.40.166
142.251.41.2
143.244.222.249
146.75.30.132
147.28.129.37
15.197.193.217
151.101.66.217
151.101.66.49
151.139.128.10
152.199.5.228
162.19.138.120
162.248.18.32
162.248.18.37
169.197.150.7
172.104.121.22
172.240.219.212
172.98.26.241
172.98.26.245
173.231.178.115
174.137.133.32
174.137.133.49
18.164.101.60
18.164.116.114
18.164.116.122
18.164.124.41
18.164.131.120
18.164.96.22
18.164.96.43
18.164.96.8
18.173.219.66
18.206.138.177
18.208.125.34
18.214.20.208
184.24.36.23
184.24.37.207
185.167.164.43
185.184.8.90
192.0.66.184
192.0.66.32
192.0.76.3
192.132.33.46
192.40.39.223
195.244.31.10
195.5.165.20
198.148.27.131
199.127.204.162
199.127.204.171
199.127.206.102
199.250.161.129
199.38.167.130
20.85.134.6
205.234.175.175
207.198.113.204
207.198.113.205
216.200.232.249
216.22.16.5
23.105.12.137
23.205.56.163
23.220.188.182
23.220.188.195
23.220.189.76
23.227.139.243
23.23.38.193
23.23.70.212
23.76.43.24
23.88.86.2
23.92.190.69
2600:1402:b800:38::1701:2198
2600:1402:b800:78d::2c79
2600:141b:13::17d7:8252
2600:1901:0:7416::1
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03
2600:1f18:612b:4232:6fb3:e7b4:1fbc:46fc
2600:1f18:61c0:2204:dc96:d78f:7c5:6b8d
2600:1f18:730:b150:499a:567e:57a7:91ad
2600:1f18:ed:550a:fdb3:b355:1994:e0eb
2600:9000:21da:7600:1:a3fa:7cc0:93a1
2600:9000:21dd:9c00:1f:4c18:bd40:93a1
2600:9000:23ca:400:8:48e:53c0:93a1
2600:9000:23ca:fe00:9:41bd:8d00:93a1
2600:9000:23cb:a000:8:8845:1500:93a1
2600:9000:2511:3800:a:e047:753:6381
2600:9000:2511:3a00:1b:5138:8a40:93a1
2600:9000:2511:a00:2:cecb:23c0:93a1
2600:9000:2511:cc00:4:b37b:9440:93a1
2600:9000:26fa:de00:e:5a70:ca40:93a1
2602:803:c002:200::43
2603:c020:400d:3000:bf17:cd18:9a23:846c
2604:9e00:1:129::2:a01
2606:4700:10::6816:2460
2606:4700:10::6816:3456
2606:4700:20::681a:346
2606:4700:20::681a:78b
2606:4700:20::ac43:4acf
2606:4700:3035::ac43:bfac
2606:4700::6810:3965
2606:4700::6812:184e
2606:4700::6812:18ad
2606:4700::6812:1a98
2606:4700::6812:1d26
2606:4700::6812:651
2606:4700::6812:aa72
2606:4700::6812:acf
2606:4700::6813:9e13
2606:ae80:1451:20::1720
2607:f8b0:4004:c17::9b
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::2001
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2010
2607:f8b0:4006:81e::200e
2607:f8b0:4006:820::2008
2607:f8b0:4006:820::200a
2607:f8b0:4006:821::2001
2607:f8b0:4006:821::2003
2607:f8b0:4006:821::2006
2607:f8b0:4006:822::200e
2620:100:a001::18
2620:100:a001::1d
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:4cb8:1820:80ca:50f7
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4009:821::2003
2a02:6ea0:c400::12
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:200::485
2a04:4e42::626
3.215.50.168
3.216.187.16
3.220.99.217
3.223.58.25
3.232.39.216
3.92.156.8
3.94.23.46
34.102.146.192
34.102.163.6
34.102.180.215
34.107.140.17
34.107.148.139
34.107.191.194
34.107.254.252
34.110.220.19
34.111.113.62
34.111.8.32
34.117.239.71
34.120.107.143
34.120.117.212
34.120.253.250
34.149.130.207
34.149.2.25
34.149.254.212
34.194.30.69
34.199.73.116
34.200.65.202
34.205.126.51
34.233.157.77
34.96.70.87
34.96.71.22
34.98.64.218
34.98.72.95
35.169.215.20
35.172.4.172
35.186.193.173
35.190.39.111
35.190.59.101
35.190.60.146
35.190.90.30
35.190.91.160
35.201.67.47
35.207.24.140
35.207.44.74
35.208.249.213
35.211.178.172
35.211.233.246
35.214.225.72
35.227.252.103
35.227.254.22
35.236.220.17
35.241.9.51
35.244.216.63
35.71.139.29
37.157.2.234
38.68.201.140
40.76.134.238
44.195.135.11
44.197.65.5
44.206.193.111
44.212.249.199
44.213.233.180
45.133.44.3
45.133.44.4
50.17.205.49
50.17.85.25
50.31.142.95
51.222.39.185
52.0.156.250
52.201.165.221
52.201.180.243
52.205.55.225
52.206.103.177
52.207.126.75
52.207.45.55
52.22.181.173
52.22.194.176
52.23.49.153
52.3.206.23
52.4.169.33
52.46.151.131
52.55.144.0
52.95.126.160
54.144.144.142
54.156.202.94
54.158.247.65
54.165.119.46
54.175.87.143
54.198.143.1
54.204.170.28
54.204.231.42
54.210.73.124
54.225.185.242
54.229.167.103
54.230.163.10
54.230.163.92
54.236.116.166
54.84.197.253
54.85.70.234
54.88.169.209
63.251.28.233
64.202.112.255
64.225.0.15
64.227.64.62
67.202.105.23
67.202.105.32
67.202.105.34
68.67.160.132
68.67.160.184
69.166.1.34
69.173.151.100
69.173.151.96
69.90.254.78
72.247.65.83
74.119.119.139
74.119.119.150
8.2.110.134
8.2.110.24
8.28.7.83
8.28.7.84
8.43.72.98
80.77.87.166
82.145.213.8
85.114.159.93
96.46.186.57
000a321a18985f99a6a890dd4159de196edc13d6515caf2163eec03f13da5b4c
009194e0ef2b6a718d82152d400833d2f9d7e06c6aaf958044338cfa12b69a7e
00c77ac833f1a05fc40097b5b433b5e30a0d3c0c4d93ec95aacb4ba5c5bcaaa9
0292c490af46fed8c95fb0d728a9db44f964cd7f997af76f9bc95daf7b5f7259
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03427adb761dfb1ebff7f637175dee936c1baa5eec7dfcc2664109d5bb4ed6ab
042f7f2584ad7ef059a8a04fe074f4f1ef875d8ba45fd73580e0224106debbc0
04f9dc4a97b243e2f7e3240f4d963593cc553c20fdf0fc947cb0ff8f5973bfe5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
057da4d9f7dbb19c543e3694492375c65de82e1fd8b3589cf29523e779f3a878
05f7cf161d99234aa8ef94e08d61e12aebfc291a4c213c66de8ebf4d0377fbfd
063d2750f41b88f89b69d29f07378e23b4f95f51992ca1767567f73b4927ce53
0693dd347b67752ba7a10ad6c43488cf213606f753af84a255cb35159f1aec45
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e61149224364185510140a22c17735023300f0731d3718f52439ffd7cb4e09
06ffd9e17bd41822b9a7b982a8ff486fafa54f7781baacb6ef3507ae7f9b36b5
074ebccc3051fc1134d2fdebe572628923b61990cbbd1da47bdf1d8ff7ed200b
076d349ea3c64dc8c267d658e135d4c55ee39db70c2076f2650c26fd9620e3bc
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09a75ddba1c72c4a0d225d4039e9c856934811938facfd833e7ab20be1792e8e
09bba9c244cbc0f1c1f93f3c4033b7e71d34a8dbeee3c754a36ddcba0e329ab8
0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0c66fcbd005b49322f31177cd407cb74dbcca28d8dd197efc3aa2e754e724450
0d0201ae289abedb69462530b537bf214965f715981bfbc1332c8a4aa32e75ce
0d1a994269a6be2e3504c4f2dce71980d8c9b8be12cdedb9997da9f18362ebfa
0d61116d249a361c4f071ae125bb893bc1e6de4ac3d2313b1af1258036d56955
0d62c80e8180a2c275d761c5fb681cc5b0e41fff53d32926ebed430f91f511c9
0d681e7b8bf69feb54dac29be9c220ba245295feacde9814666573be9a699327
0db06895e7209c5b0ec1f4fa71a2ec9e03d9d5ee74d998725d4025d3dbe2309c
0f3c3764cca0c1427274c98291edacac65a70e577e7a31cf1b42a01741490b8e
1047020444e0f9d5830f2d569440909a6aaf61ef5b6db572bc3b9987f4b4f741
1125b86e58a329b006c7ac61ebdaecb194fd151d3e07131bedc460c2d9b54dda
113a51e486fa9882fd4345ba3c1b3e7d4c99e858f6a37e4479d41305fd32b114
11472afad36851ba300270bbb84522012221c5f2f1bfeef898004e303f7d2a22
1212aebf052f6f8132cec9e511eb780c9eb9efbaea9805ed1308e8c480fefcf0
12f2773027db7060e60253f6d7a8d6143d079965de1b3257f34c9d350e089762
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
155634641e0af9f8618778ad4385e5ecb1a8c61808b59d593963f9f6efc73bbb
15676f8492c8e8fc815f4cc5326ae80a1e42512ce45a7f2f8e8fdf12879cc6e6
15c29727e9f1486aecebc3b68deefb8856d230dfbbb9397df8f851741921729a
1670ee422d780fa3b73c0c8710eaaabad3bb445574e9e0efd7195391e2ffb807
16b301cfef6fed7abfc211fc81211e98c5a6c5dd7f906dbd39d6545835c1cda3
17389d972cd773e79c2ae5e5518068befc541f5f28944650a1fe0a832c642361
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
19325d3afc6878dcf98e05f964704dc833dd37872e8fcf216944e84fede6bf47
1934e5d5035066a6841b2f752c8b943a09442a2bee1903a8729eb441e1b3b9f6
1999dbeed949fa2152858c559d7ef95be2dae83bed0f1195e4c3569c0d2b9728
199e4835af79f304e97b71d6bd8c6e970c7d03c607f8b2cec52cc93ae73b5ab4
1b8ba4868781f0b66efefdaa399da69c291235688dd9123ea45d31a44a6992da
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bdec2c2ad47a9294d4692739fe33d05a37b89967be1e597306be24bb84515c6
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d5efa1877ba09128cd3c07a1c9e9e0b2f7579817311cfd00b01a835d32634a4
1d960633f9d4f3883fc4e37c17124c015600d49f67bb331eb110ccbf1a885933
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
1e1bebd59e4649e258296b9ba145e36fa40b099cce03ddbdc11fcb1eaeb4ee4f
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20b7efe8486155db01ea1304479465917360eb8fec4092f7592b5eabc9b24d53
21655d9fabe294c06d30757dcab3766717c260d8e75e750b4135b03541dca772
238331d3bee21cf334365e5e4f91796e9cc156e3c01c4f0f07cb11a4883158ba
238a8058cd2844737df29521746c33e40c565822858a01e7ff33d4b8f14e3b57
250e2915fe1cc935369030d50d2ed1ffae880c8c984f8f8557c5f1600a7bfa68
262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba
267c61e8de2c28a2551dd5fa6ecdbc608d94b52d639c7fbb4b8ed6db91e311ea
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2689e04993ea216d08ca70fed81820dc0c3add7b106c72dc136e5f84eb3c9ce6
273f270699eaa38035b1e5a38f4ad3cdd643d77a57b9d2f65aa959b30d5e75f1
28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9
29d00e73ab0c3dfb89f382f04d07751de82c28a7f0df8a639fd1999461439686
2a772ae382ed63d0ff9066f79ca6066847deede42ea279bb1a4e7b403e2adeb7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ac99eac10f56ef7bbcbba6c1042b6fd053ec0b2dc0eb27cc72cfe67b49718aa
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2c49cb962ef8cde4b20f4c74d091646c3cd6189d05363f9082bb73f4d3d5dc74
2cb3bbe98fc61e41a70ef122d0128c5db5d8a835bd0253df0c0be75b626fac7f
2d57d64b0d7464fe9fe09cac21d5d21701de75215eae7c14af52ad51cc78245a
2dccdd26bcba69a611b2c82493a7ec52efb25a1156d9b1a3e4b0ab68ba98405b
2ddfdbe820acf73e9b01c2a6f912ecd7de131d9e9e82efd748d61b2b84beab42
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e1108d8337773ea47d4f9d3fa841339d918b2722ff1c87fee7e8a1194c03a73
2ea060e12edc14d61585386c06cadb21b1fa835a7fade5425fff2eebae71d2ad
2ed0664d2bf8eaf59fbc7d7975664fa9b3739bb2ba769d4f6dfbf6ff942cb78b
2f503d94cd0377b30ad4a5e30b03f64d8beb7b5ad5ed502a97a0eb3cdb85b375
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3033d18780c31430ee49929988186914528e96a29a2a416b46639e7d77e8ef64
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325600cdfabdb5abad38c4ea373c47bb8654dceb653dd4e0fdf71d0f78336b9c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3298446559e3092533afc8e7739ead20d365cf51c846d1b833781643d4150231
32a9284c528855fe0a7713b3d136cbf6447a57ed63667c5cbe14f66006519cb3
337113dca5dca51e06e8f52436146d9bdea02a50f6f442085c9d1540079630dd
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
34f947462e57db099dfb1a87b6dfe310b1ee72d7bbd0a916589460e83bae42a8
3584ea9df907fa30b588127fd09db4b8f309a68dc181c4357a62830dff8943d3
37619e5369a3825b83c19196aa81cbe8e25a28ffad018fd9667af11c6b4838ca
3778b11054daa02477c738ed3bf2ba3b0ef7c5d57eae266b9f4199fe3c65917e
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38235bc84ace333aca458c28a8919c858d979260405df01652aaaedda904aff7
3863276a33d1d80116435988b3ef289f0f2b2ada9ea368a07d0756022491f747
38c980c78bb071575a1684a76b7736c9fa3d58de5ef883184c5263001c701951
393f3e4e25a29357699d565a3c7e2c9b1f12444a9fe8e0515658c5fb67b5b8d7
39b8eb6f627d2b3b6087c9b80548a1822bfd63f5dcea868f996a4c5e0932863e
3a457efb10b3a5870e08f51aa64c8dde162aed9176abf6c048829b52ddbab1f6
3b0ecd0b7c8e4db72578c8d28429bff3a47a2d8f306e3c9ecce4f34403b9ed83
3bc623916f9da4e29b62d5682392830eebc2511cd1ec62c96b3b6a0306af02e9
3c1179965bbbc155a93a33852b756160ec48f09d26d41f96273d14f732fa74c8
3c735c4ebe1bb83751e8325342cba1b6b6044ac98ec1d9e14b63eac5603ec184
3cd5b87f13a06af310cd255c3f25a0fd0d5bc37de6db7a2e4fdd840e5bfc8b64
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d799b8d6ab02987525e8b6762b44750c198a6f6a3f9e7753473ddef8094c83e
3deca228885e45583293924edf896128b563691f6d7ec3527f2dbba703ffed90
3e1e2b7f832fcd87fbe0e12fdb8d310dea53ef4e2444f1921f409517808621b4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7e6ddedaafc66b9f94c08002441292efb61a9d80cd0aca4d808011d32371a5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f006dec88c65732acad8ea71a9bcc6be450a360567eccc8174da37df54c6038
3f56473141577d2b87c23d340192177edda4e2e5860257152f9814e143d5d82d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
410ee3648b58b7a432cb01c9161a1c319904ec783b0245de71fc1c323e2cb9db
411c8ac2a8c4eb17f5f1d0d9419a21235a8dbb20b4fcd49d8dde46ed9178298d
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42ba599a32bbce10ef02456dd2e2a709a4794b3ebe6cfc9a77bfb381eb3e93a5
437f7ed45b365db0e1c6468b30311091e263cc9397687c3ec3967c5731361ca5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44529f30aa6017da84c45718df1a0a4b0fb44cbb187c1fd80e33bbd6077067cc
44f9f59ca2dcdfa34d272a64557c923900bb034101f2b33804cb9c8ad7c75e49
451ce2bcc056a9985c7d83a91689076e08450f9f5375b3f35ee6a6ff454eb6a7
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330
464ebe51a3d3b0a1d0fa645a63fb49a5689d0819fb19720e6e972127359df587
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46cd024c098a819457a86a965c1831e29b4f107fc1fc6efdc150a768658fced6
479771a85779db725b9814cd4a738e5208f867ec7dee831a1516908ee1d46b1c
47eeae039c79c7913003cc6d774b9edfe85d1f84923bc696561786ed3f0ed6e2
4808c8e8e2350265366b6e9b590043f18be423649ffdfaaa4a87c4edc2961d5b
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4981cbe7a8a46d1c7a4ad33997a79af6109859f31e75462376fdf7414b2f745c
4a4a10a664ff7f5a65f89c2a9ccb02a6c49cb144eb80c1ecc03745c7559cb4c7
4a8285f69819693db719ed5f41249c26952db347e7c93a0ee7b0cf3433231b23
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4baa448d3d6a16bf873b3c00a94e9e6bcc22b032ab6e3c9009565c9d14e893d0
4cf07a6b71b845095930141f6797ba402ea64e2151c433ffeaedfba94823f5a8
4d098860773d68c5d80ac5f428b3c1d0ed991cb1f89964c20d059cb645aa4494
4d2a8b875091b09a99fcf7db07ee04dd3b7059fd3cf80d695517ed8d2fb9306e
4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1dd78ad69fc4a0df1f0edb67f6c10bcbf16057588c2b6f7535930e967ef742
4e88cc7158c2659620f04a6750bd6874a6b106425f653adcca2b19767ab06ea0
4e910ecba81a32520bbafe044335ab6dfb4e18bd8216a72d147f4f408074d286
4ee031bc19c6c4e64ba59fee2d70f6179ed165daee13f3b77a728423174d253a
4ee0a0af2086d2d7842764f77c154b9235587cf9ba0b961cb2b4d692405a4009
4f11fff395615749f7d73545799ed746cab0761185e45db32432454cdbf7cfa7
4f32d102a1a3f45bac46140601a6f5d47e1a3e9711cbdc9f942e751f3354f2a6
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5066b8428ed1902196c54ede48f78c637da47acdadfe22c10442cb676da0afde
50bbb78df62c9dbd228de33144c858b58d9d802d313bfe402c07f86358fd529f
50edc908c356840c9b7a0542c960bfe76ec529c182d698dd49c137b68c8a2498
51007da9a4b314714c54327142ca37d1d77cc6386e63342e53e1017d72953e50
510bad5273617bc2a9e70742b2228b4164f3e48623822da557d1ef9102b81eb1
51176aace8cc2d70bb4363c340721521ccd6b64d483ad0275af4a1aa075b8dfc
51251da9ac6de8910cac8e22942cb3d10fba93e8043488356937e29a50c7e9af
5172dcf83f6d622751ea688d1ba4b507d54e3eeed9e933ac38f87ada5ecc87fd
528e44f480dc7876814c1741a61e0848ba17d4aac33862afc3eb6544dde3dae2
52a6c0dc3a72a1f3b7202d7f33fdb147db367ce8b44f86e791814a9f079a5735
538be4d0f583d206b41eaf40ba202b642d3b7bca07ad734c834ef7ad8d13a700
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54884e22a5a776b6c7eb41ae0e119b2ac1d2ba8765b063811b485dea1b8de946
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e8767ac25a959fb54be018ff5c4930b775a7b497aa6dea85ba223ab9fbf0b1
5547ff8e64fb15bda9d94f9d8c28f7dd20c79de2cbcd64f954a5d079a7704315
555cd03ff6898614166494825516fbaf15aadfb16f88611778b580257d120a24
558eb4d6de8f263a292d618186ac5d1270fdf3718f2b52277cb2ccf6cdfe6158
561f49e7560b02f72da6625f7acdbc628765225984bbed60c93209020471620b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5662149034f5fd127ca3fac155c369590a333672567f6d75983f58984d0b7d7b
569570d532fa6c2737ee3dccac947e9f02fbb9dde932e4f704d7ba37ca0fc7f1
56ca4f4ce6bd0aca06c71ca0202571897e0456a97a587e80827afb33fed418c4
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5920678648db4b6996fdf65c133bf9edc5825a2525018e77cd1be056e2fdabc6
59a977b16bc5be2dc40ea61d5a5ff8244abcb824bc9fa2c7d81ed1e8bc1a169a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c09b27f858e9254397451abbff3927acb9f6fc9745bcf3f56b7ab1c82cfb4a5
5d43c598e2818c95943dae6325d770f93f7a2adf383d4df880766c077bfd0380
5d6b864869c19ea1f500174a8dc3f327fd5fdc7e8f92f569788a6744341e4f27
5d932873e864e38ca42a4151759b54a827a20b021c6593f816562c9cb94fe69c
5f1a4f7d4aa6440bacf7075c3edf0c9e528ffdfdf9c93e05518ca770571280bd
5f2f38673f92650aca0a73abea2cdb36fd3e9c8d9ac3ad3adc1c4c212c93908b
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
600177d7eaa658bd5508d5bb19a4a669454cd3280b39319ee32f893915c48db4
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
6162dd71cc216b9acc8dee776de2d410e90c08de94d85965e608da04c4a431fd
617bf1c27e03853ae5fa288ae5361889fc49736672164dbfd2007a2dcb8be86b
622d8b20aff13a9a96cecc1eff31d5336fa29a8fb3f4c97ef3a184217dc6c103
622e81c14e0c9cfa75032b9c348ae1f02ef2b4f51720615bdbc758a215693c69
62e7add37de51562a82b49367fb7675f5de0b6b11826fee827166e269cfc5734
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6478604e340b76a95c9cd64afbb9bf2e19dc7e371d442b095495e861ba3d66e0
649c937aa09a423947b473150880a77ca3c75e58c547e11d425325110e3f9420
65875d6e79bb192aca56647ef342b576d35e8c94bfcba84c61fb4e43892a9f44
65b436ff1b96d1a83cbb0bf650370ff365aa4519b9076b08cf47fe1a30c50ba6
65d907d1b8033445e8bc4e7b6576892a78df5b8228e0cb23682e121373fca82b
65fae40aecaa4a2551aee0826fe9ff3fc02b2c92ca6ac7c21d45d6a5b0e0fe5c
66499ddf1a34f67f53c5a31abc9e866f7c54a64a8cda4199a9d6bd1f2b1df51d
666ef5ee78173e66f48d3006d04013d5407d85d54bdb1c7793b4772d2318d339
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
66a53a93258f8769021ef1a57531ae151994d2c6203656479bf51ff3c39b3ac7
66c8a7fd77862e3549f38f33023f6fe2dbded3d717a5cdec8348d616067d14d3
68151335dd5944307d4c935ea1f7ad791c82aedd9f49434cf96323a9cdc6a8a4
683245d5f3f9976ce066aa5d899f8c533bec2ab49b9a848f1d19825c0b791566
685f3b9aa3522188ab3cfec3d88b949641c26b3297e965b6a0cfd8343cde3a6a
69926d5f82127ed3df1a349655ee26cea78a942d6c8a871074a8e45209eb710d
69cb5404dde4842704b5d0120ae553f33e4f7a50e2f25b765254ffac34de0732
6a9c7db7515df74d106c7143e79feb5d6b469a9259dc9f3554bf86d91355ef19
6ad8f8c68fcd3042d30a385f8476c8ea8b6d53c8e3812e35b567f9bbb6bed177
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2541c52d3cdf7127c3ac76c935018f94c7280cafb00e7aca48a8d4603e1e20
6b96bb266dc1e41e713ce7861924fd5855bf1039b5d4fbb806c4841281fe5f48
6b98f3eec96ea7d3619f429615bbc0f9465a5ba47308a765e348f5666990e2d8
6bc8568545c1b9f2a3c6ee7892cdef2ff0d5a75e7157559e0124c0aa5d2766d1
6ece497370b6fb6d408a84cae67dc24ae96d7b3464e46aef437b763fbb0348b6
6f8b2b91c0a7c18a0eafd67bcaa80fdb350695ecc4d866f71728c74a8f886598
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
70cac5af8c6518f461619e1a96a8ee2e08f022683bca955d429abfa49652db7a
711b60d9fc0432c82dfdc3785366c3bfb2278a511d6fd772d9918390ddc4e642
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
72240431a4500e77bdceda6f08efa1355b6a3c1e73dcf34a62d49b5d4e4e0de7
7358df789e70a213a5287a06574e2b1894ef96564c58142cf5c67611936609f5
73c084e1dc6a9a42ecba9e4107c3fbe171b23a6993f74db4fa3b3fddac992ba7
73d3b0665c9ba0323fbadb5cd70a07ec2fdd1a7b2e550709a93c2a51027cfa15
7538a0d2d49d8a0a799bb45763418866fdf94e5ed7dfde0b681ee1a7fc4b2b08
754c6880f51894787d9f03b28ad0e3d4859636129eeeb0a4600de7d10ba9163b
756ba962a88d78b29fe823e9b1ae3e1db64b3e777fb170d9a438588df4ddcad6
7590f6a2a361b6b574d8ee724439a131aecd6336d421f5b9e3610f0c6c0975c0
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
768baa590e2ee9426373fc093573c4efb99a76db192592051578e2ad47d511a0
771676df0a22e07f73f7710292ec29b573ac81f5c107ae4d3527071d98343fd9
778be0a20b795b24796a8bc78cad7d23ccbcf35d20d68c761527d57486605aaa
77c4f0e931302d1c5d4af4a62100dc120f96b769fe8fe5f018ae21f99c6908e9
78c4775acc252edf88fccc6bc27a0dda23a3bf315026411a4ed052bffcc2787c
78c494f627e3b2e9caf4bd092dab298329ab49eba6cc059d3fc698d1077417a7
7906666c4bf0224aac51903ab6752c07179e5ac9b93d811ed6ed30689eeb0ef1
79174ee77b6396cce4fcb7cb25caa2eef27936e6d5dc920a88ea4dfe47e179cb
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
7ae58427fe287ffa5c653ae12133e35316bfc41766fe255e80b7a19bc43d5591
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7e6d8425e323a908a2c90d047c45e0bc2073f86d2508c04908af805adbb34486
7f07d2473e618f397d51504108584d8e704b48cf948cea60309e7c5c7721a687
7f16dc7dcdb9178187f378daf1e34cf972d5b15b5002ab0b0a8dfd703844e1da
7fe77c30581bd46d966e9210fad4688336fa49fe7bf366bbbfef8eecea39cd4f
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
8163e7149db361ed14b7555bca382bdd8f5d1c6ee6d33f9434a83c2f0420cff2
819dcb4ae19b3c27e3374d9fa37ed58caaaaf3b897a9d80bf4046f3765da89f0
81bd0df77dc7440397ca51114b1c136b79eef20fd7c2e36e82ebec07f393d337
81d064926cee91fd88a624d7dea8c312dfd196dcab565b0495a08369a18cbafc
81fc1c1ca2aa23d5506d7e002e111e2ec455f7450c19707578f47b1c1d9c7f8f
822c116fa47de1d63672cbb1acc99bf2ea7e35ce7c498dc8e880e83e516e4ef4
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8382149949830c4a71cb4d1dc6d30676fd897b85872489c91e1b333d2b0692b4
8434a17ad06183830bb3d064f158ed2166f9d2032e698b3d5236c299dcf8d4a3
84b849d4439de89b697d9a824f5837d503b0df9d63ce31729e2cf96d26852c52
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85bb7b589a04b78b76ebf311878c885c83a89856e59ebae4061a944d0ed2b9a8
8724e163f7c61a4290b6bf50e9a6680aba5f5eb7b14e21fef82b905f4b1127a1
876ed8d39144369bb5e9bc3bd83516efcc6fd763970926f6ef46485dc818c6d9
88ff1b3a2afaa564847b178f44070d289af530835fa4d1baa92ae482a08c160f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a1b9a22e4927c75aaf0d707bb489739f4be27f502a1d5ffa4c8819f3bcae086
8aabf0113f8006f81da8b7164efce760ae81669f8c606f060cc2b375cc46728d
8b400107ca6b7f71beac6707606d13af2ee13a8f52451d076f612e161f978834
8bee60698904e2d7c6b1810a3fe619fe6f0500e8a32099a425f4ff2fcac49dac
8c0918c9505f3e9e1a402db8a8fd2134d799af574e639a3965a0a28ded8cc0b0
8c2767d370df3c0aa9bd8e5374930008ce2b65b44c88734dec1d4355de1afc8b
8c30014281fd459c5e888052f831312c821099f401fa63ad62ee6b4e8bf5f477
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3
8c987a719729aa82c4a08540bf76cac86e2f5a1f8308d09a86a8d5e40a67e6d2
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d92888f97786ff2dbcd8bcc59145cff3c6872ccd3543f508cbdc3fbc87f4471
8db6e3c575dc902ed301e2881857692e57cf58e39aef9d08ba42fda30b5ccb2b
8e3e20ca112b01c60deb0b6c402991d3c456fb2508ab206b8e7cfb5304dc7879
8e8ae2ee446ec9ebd506e168f1abccdfdef8fcbdf4d7d35df50d4d35fe5263ad
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f6e1c5cf951a248d57f249395b07aeaaaff351fcc118d5ef0da05de5e642cb5
916a731948a8256dfdbf64295c028cf715b7efef269147fd1d35c11cac98e1c1
925ff22e8102a4cf1e8da410b3ebb080113af14ffe3696fa30759c739ea7c34b
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9343caf16ea460f4018323aa5bb980df9dfc65fa7059e8a2a3381d6f2efe1b95
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
940d7a58531c070a01b7dbaec7a6772e890427ec91e6d4235efd5214d6548425
945e21405266956d0127e1166031702b0a30c6996d014a68fa0107d5a2e60b09
94cc218cdfe87dc4c784f1a3bc3097d102fbf5a1c58a07e42006ff3c7d2cf834
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95b2d6fb2f2a0963f8f0747d2468674f04561a3a76fad3ac4d26233e5a03417b
95bd5b5dee2a2c169bd5cb212bd61511ca275fedd9f69b722ccdb8262e24d0e9
96281150fc4b153640ffd15f9ce9a133ee631aecb0f955cd67974e72af74ae64
96285d56ec02524ddf8a4d1a45a0a0afbd105282e56303275a0004c6c2fe0752
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d8c1199a6b9cc2704321101b789ac19ff203961d9ff1668ee04d4d9224d9c1
98dc2fbe32b46dca7cca91570af0fcbb2f09d331ae236bd7c92585c84a7b1e3f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a217ac70727c09f126d43089c261ea3d780f97fafcef709bace1ea27f42ff45
9a30bc832f9e95a6611f8642798e66637e5637b6b1f66ad48c2005f2d8dbe33b
9a5ae44d839cbf3b062f5dd29191a15cf0ba4d7683bfb2463a0d7f31c3145c6d
9a7e1baabdf40ac4f280d17a95f3798ebea8161a555d4ee1b698cc67cfc3a8e6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5482933146ef854dc6abdb4fe947ff1479d8e79f27d486bb9803bae120dae7
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9cbbe3aac8733766ef223705c40c8e65db3d2441d46334a5437237af1ca43abf
9cd17af00b58e83bcf70fa97448e21bc6def92af0c00dfa7349aeb3200c40b8a
9d07fb6a85f0cb749d620cbede61dad7e9965e6479036a410d8e4732707876b2
9d949f880c2bf4ba4269de2cbc96b926bdcbeec069bb3c84d4a2739b823b974b
9dd7f3509b0c04a53f7a60edd65fd4dafd9c5c8723ba3296de33dacb56e21ff2
9ed96d3023e9f7b4ec4992578c70790583f41d3dbcca81f6e3f6d73a4889ab84
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
9eff412c1198930f1d219490894e17733ccd8b992e9ddb7546971f783c00431e
9fa030bd8c5330c2e8e981e3449f052b5bdf950bf9bd955d93e0c02518805ca8
9fd1bc93f7212dbd99739cfd9fd1607fbfdf193efdd761bd7b8d82cb0877453f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff8115a8f6c859f92cb418452ea76522b583f1cc5bad5c93ff9fb290741acfc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c05348e5bb7e479ae1cfed18c64809700bae84d1d5f21667b8c088aa67b814
a1426eedf230cdba16b71e71df81e3eb8531706d79101883ea83face89abebba
a17854e578b5d293036c60bbad19647a50911232b844893802cf3da03f98059a
a229bc73c5e500f4398e2c6010f0fe3ac37ce33951e659a1c5d935c32f1b4d10
a3fdce8587c21fb3df135dc7761dd203b6883685d4f791045a673d7f1f59db47
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4dd1cd805b5b06bdd8d29fcbfefc39bf617dcb6c6cdccb9cca67d0b504cad8a
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5cf82e81d6662bba84d2a3c1cacc20a609daba1b097c633ac0b56f0f2793cf0
a5e2f3ea6e601012859abbc5da7eef35d1cf45011a0275cd9a86dbd0f7fd4101
a610a6a0c31cde4c57235319e2d87775c6edce8a7f34481da6b4566bb7c07501
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a72d67ceee9fabb9f63fa3dea4b94ef32c1a2c3d22b7b653e4a0ff96bdb2a3a6
a76674ac30c78c1540d744665ed5ccef621d3ee9fd2fda70761b35fc5358fd96
a793fd23a65e3aab644ce22fe8d78afb22e1e1b1237de32265dad49d3fd9823f
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a9b168a2a7b125d366fb25871096baff96192b60fb25e9dd524b0fe5399dca59
a9c57ee861a52608fb584a41d929b404f290e077cbb7b9df516aa491652d65b6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa8e08269090ad710622a296f27968a3cd2f465ccec632429e822bc7f1278818
aaa022ea6fbc4948712d50850b2f4038de3a68541d87dccd5d1d8abe5ac622df
ac4a42477700e88184ef3ce714317abc76a40dd857d518e108a676dbe80300b8
acd67ad087fc6061dfdc4fb2c4ac89fb1cde0654225885b81a889dcbf75141d0
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
ad5f11dd00d48d6058bb7ab44edeb643ccb1c0ad2fc53703f3e898ef0229b681
adbd50d0835f016d0fc7236f10550879e0a0cad7c552904a74f60c3d2b73b42f
adf658e84a5dff1aaa7a5f3908143b92a9b807737af2a4de031755fe369e26a1
ae0f5662b237fd882a27992f48cb371a9e23549295d4b3c85aea0b1de5890938
aebfbd73cbd1afd26ec17543eac2676adec9ac54d8c4829b866fccbfe08644f9
aec372219e477fec213219a0d207b00d233b03cc0bc3e2af3840a67f571b9213
aed2024c0b547dfcf4693718aa6b73058c09bbc2ffb4608033cb1c5cffd2ac19
af9e84f083173346fb137783024b8cfa67eaeb1352bc96128c7ab489b31d51d4
afacfe6ca991f962d8d1b38354172fdf8d2c2a7761b07cf9fc7099c165f2e78c
affe42e5878cb6a6d888d239d3a3f211f395539eba2813a8bba74593dcc50107
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0b194afde199899744b6db2211b80757e330a6df4d6e08174896ef70d5d11ad
b0b26fb8e1318f612e7bc978307f18fc79b93bc58e8b7311eed80de7b21e45ac
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26
b16edd5668ea1f58ddfcfd7d2b4ae5fb7d3c99347cdf4a39de7304601c1fb98d
b2747aa72f214695477ed5e0e6e5db06d84a911e083a46eb7c7d01edb3fcb36e
b2b70ce5a2f2465de003e045f72fd3c665deb75e199d3dc1f3cac8b2330c550a
b32e876b78a07e1c74197c4de679ffadfd1034ee608c73792faf402c02599029
b38f3fd75de23296536e7e330c028000af88eb0f228959eb3b1d55920fd63af0
b3bac03a5bc56738777270044fbb3533821f7d05b1a754be455e684e39a5f1bc
b3ce4d571ae95da3a6fed686eb4bde7d0d54d5fa1f8913b29e08e82b403f81a3
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b5b57158d599a1ae09543bddaf35fb04d29d3a858de1adc481cd3a8cc16bc873
b5f3bbe93348fab76879e3ab81573722f59275cac4ea155a61cc1c23d8e12491
b70e9c4d8ea372379c91a7a856c2b2e575ad5023f91328e82fddb43a96cb64e5
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7e6db8dfe79e6581a5accc07438706f2ff043bc6f9cb4f61f549a4f5d0ee4e8
b87bb1163cd0e0d014117898793c9e359f9edafcfcbf263b1a81ec83f5ae91c3
b8b4261cf1bd8eaf8791a0af11a4a8de86121340c5d3c3cd42c13fd132d4922b
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
b993a0e8f3f053b76d6b10a7ff52f78d56a68242e27cde6737af3bea128e1749
ba0e4777ade6e76d319d95ffe9cf484ea240834e319431ff6b0a2a09bd2e3107
ba42a9cd56b1f918a292886d48247f16072ae1efc2ca788a9091288d060c32fd
badbcf045249cc5d9eab597c09eac8e1e4cac6d32f71d0b73213411bec24040e
bafc057ab257c7b3b70c1d4a8ac9dea811b129932ebe197450560d4bfcb2eee4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc0bb3ee4ba3973f8abe9088c583feda6b51644e2256de9c22ad04b0ea30f78
bbf6000ae861eaaa745128dfb1d54a771fcb19d77ab2e07f8d089051c06cdcd5
bbf903684c94e204498e6645da2359da42517d09a3d9c330f43e9c66fa58b5b7
bc5cc57b97ed7090094720e46c1afec8dac7d1ae17db4c4648176078dcbe97f2
bccd94e403bfccf0a57a4cb856e41e48b7cc082c5a1e8f926ead341f4f673971
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd53009baa81953a7b82428a4bd466c15dfadca2609b1915fa1a52afd4c03d30
bd65610919da8526de9e3bb65a1ef9414a83990e0c5e7c275392627e6a43bc63
bd88b201f70def5559b62fe89e32bec4d0b0ac706cf657a5251ae6f1711b0d06
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4
bf339547b4ae515c03b4508c2587ce5efd13b9381f883ec0cd5ccb6f4438c7b9
bfd73655552ce0e5e0587417bf9d08a6b1df69a425a569862454e7f883273628
c0ad59f0282aaa7c2d10cd1fe948a7dcf079a9ae79d13e2a3951dc27525e60df
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c204fa2213c75a59ca23145d972a116ad271a68f2d8878070a0b8d0b12b6d98b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c2c92cde33538b1187bedea3d0b6d5141e4222eba8092476339aa080cee759ac
c2cde34834b982a9deb57720370764bc7d37392b7b69309b24d355092f6d8cae
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3c3128cba06257f8bacf1fd0c0d884f3bc765c815c21b5e1d672cf803460568
c4113ebc97841fdd4d6079742098c029077897bc029ae5e724a293fc1053a88c
c5e58768fe1836f437b39056aa5580722055dcafef4ce77b5333daa0f134a3f3
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c6bc5755c6646844a8e300cac5bc87acc2306e4c4c4b80929a270c01b7708256
c7b335cd4f99f54a92a1d88d6548647d52d94a3ceaafd5b36fd1d0a88b63897e
c8303d94c22f8d08a2bbf554557afbb554161aa594d248b2c77286b1d3c98252
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88
c86554a8933a7bdf79a3d3ec72511c6091be0487cfef52a044214d68697dcff5
c89f3b1c6ad8974cf26df010fa1ccf7b475651adfe487f88f29da516acb6ee8e
c957adaf4326a8636ad68fc78acb194b96b34bbeba09daf6b36c74975ac37d21
c9cef747eb759ceb172aaaba4857e1f3a31c5894e7448dd79818ef717ec94bd2
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca00caa096b2a33320843576a1132c745df4c6aeae3cf74410e562d4a2ff7a5f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc69cfc4dafc52b381c78e94b540956947b479478ff005b2b8fd8f15091fece8
cca23143ebf37532b958d2f5c4714d8e6c2a6da3434769a4503361cd69671f54
ccaac2a8b85879c92bbd73e67512e8e8ab0e719ad0163193081ea6abb20031cc
ccd4b7b0f1ec42c1de66868b52d5f571c70211ade3dd1ac1dc2487777bba880b
ccd674114f5bfac6da7d95223aeb8afc1468211b3f9c5db7b4abbc8f4fd8ebf4
cdc3dd5008414b00c1eafae79784703f8943b59025430b2c934c609bfe22891c
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff827c81126b56d0b40cfc60568c2d57c348199f5e438aa23dc0bee17b099c4
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d047924f28a6f7da65cccee885e334a961441c4b02f584286034114f8da8ea1a
d07480f1ea096e7c2ed85faa8ce7e5348ad4e7d67d888d5beff1ee907b703148
d0828341c0710f02e5a7400db548207eaf5e9220fea352fce5502ab3849e6a6f
d08a462cc6905c4b94c42daaad21ea311687b42726c59022912a614f2ffb564e
d0be3aa83c1b8be68b4c7fb1516e3700cc09303eacf88d315eca13f1605daf8d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d131ac66c0b87aa62e440fe629175fc1ef348510e71a6c605242ad5e680575c4
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d30e9fe8c6581baecfae8f6f2ea1dce892f66a99554097d88655bcd792cea131
d49d25a875c1d1762e5ef7b96b771c64139c0aef85ce501c421e501242e1f98b
d5b616694f1262a8d042679be7f51e1b2a401bdd34329f6b72b164dd49cc4961
d5cdc58750167d7d4b95f6da1287723217f30edf895789d91d95e2bc565873f4
d62735077645cd3c421d34a4b49456bb9f1d0dbc3223e3a1f4f77428a65c6a4a
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d851d82b509976a447ad00c9acd8604d49a1655937f5ef17b1c10ce27f19e98d
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db12975962631f4072b35e95c67a12bf02290ae8d23e8caf46deac685bcb3930
db1981be22673e5790a92b01d69a58e44cde6da72e74dd655c8306ba550e48b0
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
dc94c296cb4803ab1e1a492dc553b3c487adf23247708330dce7b7f09d05609f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd65833f02dc4f3993499ab953fc281a487c0162a043d687ec1823a9e7d3062c
dddf4638077ce5f0bca405063a219d921a39106985507d768c4eeb8859e1b1b1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8a3d37d025e9675adca4cd831093b5400c7b76a96a6863a781f7ec1862b3b6
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df578fdb7cfa4868794f149c238af7d0173925c4090c0454a214ac6a3c7e2bc5
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e1b409240e0e8c2b231f6fb53cb8d6161f13c3c380c6e1cccf2eab57a8523b18
e2aae31334bcac08063fee99ef40adb322ad6a09ff2a0952fc9cc1cd2e523a69
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b924a35823385fe5d1fbf922aa99d0e37d3aa5b08c30ed3517516e3515c6be
e5201d037f3fe8601635742a2349c32b57c0f088e1962f25307452db32a907bb
e57d7d6928fa7aecf78fc6ceccce1f518cfee8be09875e44fb1660b1367691df
e66a68b3981921066be641298688cbd8c9fe45ae59bab0fc3f6ce54b77c8f589
e68d4edfd3b5b56d6eed01e4eb7dbf84b09cbedf45b75e469efd0037d1f18e8e
e6d7cdc0e48a00ec3c1470d275f7ae086c3b20237d22ee648738b5ff27d34c11
e7e43dd04a274a58748ea704967748907767444d6a04c9abfe7fc84b1aabec9b
e7efcd6d780141149d6cfa70470b4518d2e4cbb421bc21d76df611f6b2969587
e89d2a2cf9ee12f1ea7af8c47450a484982bb1ab4d1c4e096624a6ae617d1c17
e93c41730f20fd857747def9273d960ec3e39cb2a711d805e59111af7d13b733
ea357f83d664cad122bc4aab4ab4d5e966972214a90544afb22706ed97b43653
eb0a28422de80a1127635064abbb693c00bb0199025346ab171840c99d1a18e9
eb27773dd227b67b4ab536a528d276c231e476d85bb8d609ee70694e25a3da8d
ebff6c0185f82da56ae24b05179c5c24dcc630c5002ce833e7f7f53eca8a0df8
ecc2a725e508d883ba357c285bee88d1765ba0672e36d85b1a38a7bcb49c5f00
ed33f38634e7d613e789f82e2bfa7f5a02d303ba5244b199e02057ce29ff7d2b
ee8686e5b72a3d816d62a607cd65e758e9c258ae8a2f941a5413dc6d2e64df13
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7876a6a4b27b0dedf4357ed8516a92dc5d887ee6f3b77e790f919ac0c0a74a
f039e32c9e62cd2acc5bf02dec7282686e6f41be6b01bfa249f9590cda747cba
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f15ab02c5171c6d22996ab19b4bdc00770fd7e65861d79d3135745fa03b1a7c2
f178859fa575ca6b65f4a221fec2c0f37194dbf8562a1c1f467151e08f38b110
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404
f22b62b3013e70a95dea269e3537500071d2de70839912ea420220d3fb04a8a0
f2340482e7f3f5c28febe39596266b4f7e2a91d39e57652b737f6c844ec0c552
f25b68cae995caaaaea17d890f255f8863419c6126a53322bb4469053acfc4c8
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f2bed8001d93323f2d479a68e37d7ab22675434fdd31e60ce603407716fff0a4
f3017b3f985322807ef10a31db7d60d1009a9a3d7a49da9cb996b5d220785704
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f326891bae89353b82409bdcc78870a18105d6894a6a45213377849fe799cb06
f33b318af6daf1ac1e6a7cea2758f883542c8c6378f02346fa9ce844747db6fd
f3742a76c1e6a72fc523661302c2d4bf56cdb5219d8ebcb8a8bef303eb72d17c
f38d2b53ab790811374bcf0ec602282cf4d9f94d39495cf7dd44001de6b401cc
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f44b5426e3273934f005eeff3ac530e79bc33bbe9f9ac046a393fc6e295b6d48
f4ede32d3a93f800a887100bba1f1b9de06a904fb84d4d2951f0f8538854d166
f4ef110f0003697ab6e2ed17072688e2e2530108fc9606930b7c5ec26aac54d6
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f52a25986db575f3b50734266b36cfe7d8e6889805d089e9963ae3b064aa7dc3
f53c80a725351dcb34aadc916fd1307993af19d79080c8902dba3f5725d56987
f54d8a75a5931e0089161aeab1724055e53d1b4e187911d764dd69ca19babbf1
f56805665729555fb5796e32adc67dd4902763af47f2e0c778e5f3c4d05882c4
f5dc5dc201adf9ef2ed311d17f97ce68093d851f74c6b8f410974bfcef99e109
f73e5da3c86a48d12d6c1712a2cd7a86fae5ac5892847fef6bd00e9597d2acf4
f7fc2ee49fb8128a69c38428e8c5609d9e51a83fbbdf782544d0f975b6a61d04
f826f59070a141c3599d0b89ee2683cb7bf9527dd350a227096f62f45f9144fa
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f8bc24d4390c8efd649eed177cfd405db39e5d790e17a73c4b3e995ea0a40dcc
f8d6148b07b2251c53a2605a003b1d29babb8154c5abd0bde0f7e8a800f2dfd9
f94e678ac837b79270f596a071ab5cb73a9527606d3528c2bd7f4f0bb83855c2
fa34a2e5ec9044ed1dc5bf38ec8144a0dcdf4abf25476015a0c4f3b36fa55d01
fa4963a149a0053c40435d8c21ce786ab19ee89ab2594889b0d4c53bed2c68c5
fa7791fec913342ea73faacc4e2b72f72e264b8d305946ddd559384bf4d124a1
fabac3dd70ca2dc3fe76134e78cc621a9855872bd8e9274b977a6932c0adb3b9
fb332f6a286fb2a19310350891eb32de8291a4e7291fec8e62f985aef8f4a208
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fbd5c41305d123ecee69f661ccd6ac28a46a1bc242dddbf75306b5e59ac9db4a
fc33ea1cd5e782e1f281be9d85ef5ab2cd7f8effb98798e1f9015fd3f6a4eeb4
fc33f3f191b216e95a86146f0bc9afa4600c1c2d52ef3bf2ffd67b03c2a419a8
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fdf5974389a7888219f4128e059af26e59f2cfe4244aaefd58f00aa4e0d7b58b
fe4088fc7c2233f28df86d3acc33ba5d447c9086bb39848bdf3fb4656077cf9e
ff992f86e73074f88c82d1efc285ec8d1c3189925541f23d94b6cb5420d63e5d